init

author: Elizabeth Hunt <elizabeth.hunt@simponic.xyz> 2024-05-01 01:33:35 -0700
committer: Elizabeth Hunt <elizabeth.hunt@simponic.xyz> 2024-05-01 01:33:35 -0700
commit: bbad09e2b15eeca86f83a9d2a97449baf71e326f (patch)
tree: 9d10c3ec94ae11a7cd28131bbcf5d553245006ec /playbooks/roles/kanidm/templates
download: mmt-infra-bbad09e2b15eeca86f83a9d2a97449baf71e326f.tar.gz
mmt-infra-bbad09e2b15eeca86f83a9d2a97449baf71e326f.zip
2 files changed, 23 insertions, 0 deletions
diff --git a/playbooks/roles/kanidm/templates/docker-compose.yml.j2 b/playbooks/roles/kanidm/templates/docker-compose.yml.j2
new file mode 100644
index 0000000..b269865
--- /dev/null
+++ b/playbooks/roles/kanidm/templates/docker-compose.yml.j2
@@ -0,0 +1,13 @@
+
+version: '3'
+
+services:
+  kanidm:
+    image: kanidm/server:1.1.0-rc.16
+    restart: always
+    volumes:
+      - ./data:/data
+      - /etc/letsencrypt:/certs:ro
+    ports:
+      - 127.0.0.1:8443:8443
+      - {{ kanidm_bind_address }}:3636:3636
diff --git a/playbooks/roles/kanidm/templates/server.toml.j2 b/playbooks/roles/kanidm/templates/server.toml.j2
new file mode 100644
index 0000000..ac470cc
--- /dev/null
+++ b/playbooks/roles/kanidm/templates/server.toml.j2
@@ -0,0 +1,10 @@
+bindaddress = "[::]:8443"
+ldapbindaddress = "[::]:3636"
+trust_x_forward_for = true
+db_path = "/data/kanidm.db"
+tls_chain = "/certs/live/{{ kanidm_domain }}/fullchain.pem"
+tls_key = "/certs/live/{{ kanidm_domain }}/privkey.pem"
+log_level = "info"
+
+domain = "{{ kanidm_domain }}"
+origin = "https://{{ kanidm_domain }}"
author	Elizabeth Hunt <elizabeth.hunt@simponic.xyz>	2024-05-01 01:33:35 -0700
committer	Elizabeth Hunt <elizabeth.hunt@simponic.xyz>	2024-05-01 01:33:35 -0700
commit	bbad09e2b15eeca86f83a9d2a97449baf71e326f (patch)
tree	9d10c3ec94ae11a7cd28131bbcf5d553245006ec /playbooks/roles/kanidm/templates
download	mmt-infra-bbad09e2b15eeca86f83a9d2a97449baf71e326f.tar.gz mmt-infra-bbad09e2b15eeca86f83a9d2a97449baf71e326f.zip