diff --git a/ansible/doi-service-standalone.yml b/ansible/doi-service-standalone.yml
index 37af32b4a..d19a43780 100644
--- a/ansible/doi-service-standalone.yml
+++ b/ansible/doi-service-standalone.yml
@@ -4,7 +4,7 @@
 - java
 - postfix
 - {role: db-backup, db: postgres, db_name: "{{ doi_db_name }}", db_user: "{{ doi_db_user }}", db_password: "{{ doi_db_password }}" }
- - {role: postgresql, pg_version: "9.6"}
+ - {role: postgresql, pg_version: "14"}
 - {role: pg_instance, extensions: ["citext", "pgcrypto"], db_name: "{{ doi_db_name }}", db_user: "{{ doi_db_user }}", db_password: "{{ doi_db_password }}" }
 - {role: ansible-elasticsearch, es_templates: false, es_instance_name: 'doi-elasticsearch', es_data_dirs: ['/data/elasticsearch'], tags: ['elasticsearch']}
 - webserver
diff --git a/ansible/roles/alerts/templates/alerts-config.properties b/ansible/roles/alerts/templates/alerts-config.properties
index 5670f2ee2..fcbf2a511 100644
--- a/ansible/roles/alerts/templates/alerts-config.properties
+++ b/ansible/roles/alerts/templates/alerts-config.properties
@@ -5,7 +5,7 @@ grails.serverURL={{ alerts_base_url }}{{ alerts_context_path }} # CAS Config security.cas.appServerName={{ alerts_base_url }}{{ alerts_context_path }} -security.cas.uriFilterPattern=/,/alaAdmin.*,/testAuth.*,/query/.*,/admin/?.*,/admin/user/.*,/admin/user/debug/.*,/admin/debug/all,/notification/myAlerts,/notification/changeFrequency,/notification/addMyAlert,/notification/addMyAlert/.*,/notification/deleteMyAlert/.*,/notification/deleteMyAlert/.*,/notification/deleteMyAlertWR/.*,/webservice/.*,/webservice/createTaxonAlert,/webservice/taxonAlerts,/webservice/createRegionAlert,/webservice/regionAlerts,/webservice/deleteTaxonAlert/.*,/webservice/create*,/webservice/createSpeciesGroupRegionAlert,/ws/.*,/ws/createTaxonAlert,/ws/taxonAlerts,/ws/createRegionAlert,/ws/regionAlerts,/ws/deleteTaxonAlert/.*,/ws/createTaxonRegionAlert,/ws/createSpeciesGroupRegionAlert,/admin/runChecksNow, /quartz/.* +security.cas.uriFilterPattern=/,/alaAdmin/*,/testAuth/*,/query/*,/admin/*,/admin/user/*,/admin/user/debug/*,/admin/debug/all,/notification/myAlerts,/notification/changeFrequency,/notification/addMyAlert,/notification/addMyAlert/*,/notification/deleteMyAlert/*,/notification/deleteMyAlert/*,/notification/deleteMyAlertWR/*,/webservice/*,/webservice/createTaxonAlert,/webservice/taxonAlerts,/webservice/createRegionAlert,/webservice/regionAlerts,/webservice/deleteTaxonAlert/*,/webservice/create*,/webservice/createSpeciesGroupRegionAlert,/ws/*,/ws/createTaxonAlert,/ws/taxonAlerts,/ws/createRegionAlert,/ws/regionAlerts,/ws/deleteTaxonAlert/*,/ws/createTaxonRegionAlert,/ws/createSpeciesGroupRegionAlert,/admin/runChecksNow, /quartz/* security.cas.uriExclusionFilterPattern=/images.*,/css.*,/js.*,/less.* security.cas.authenticateOnlyIfLoggedInPattern=/unsubscribe.* security.cas.adminRole=ROLE_ADMIN 
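Review bot: The rewritten `security.cas.uriFilterPattern` moves every entry from regex form (`/admin/?.*`) to glob form (`/admin/*`), while the two context lines directly below it, `uriExclusionFilterPattern=/images.*,...` and `authenticateOnlyIfLoggedInPattern=/unsubscribe.*`, stay in regex form, so whichever matcher the filter applies, one of these properties is likely being read in the wrong syntax. Under glob matching, entries that previously had no slash before the wildcard (`/alaAdmin.*`, `/testAuth.*`) may no longer cover the bare path, and `/webservice/create*` and the entry with a leading space, `, /quartz/*`, may not match at all, which would leave those endpoints outside the login filter. I would confirm the matcher semantics of the auth plugin version this targets, convert all three properties in the same change, and drop the stray space: `/admin/runChecksNow,/quartz/*`.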
@@ -87,3 +87,9 @@ google.apikey={{ google_apikey | default('') }}
 biosecurity.moreinfo.link={{ biosecurity_more_info | default('') }}
 biosecurity.queryurl.template={{ biosecurity_query_url | default('/occurrences/search?q=species_list_uid:___LISTIDPARAM___&fq=decade:2020&fq=country:Australia&fq=first_loaded_date:[___DATEPARAM___%20TO%20*]&sort=first_loaded_date&dir=desc') }}
 specieslist.server={{ species_list_server | default('https://lists.ala.org.au') }}
+
+#oidc related
+security.oidc.clientId={{ clientId | default('') }}
+security.oidc.secret={{ secret | default('') }}
+security.oidc.discoveryUri={{ discoveryUri | default('') }}
+security.jwt.discoveryUri={{ discoveryUri | default('') }}
\ No newline at end of file
diff --git a/ansible/roles/doi-service/templates/doi-service-config.yml b/ansible/roles/doi-service/templates/doi-service-config.yml
index b2f7c0647..8c4bdb1f8 100644
--- a/ansible/roles/doi-service/templates/doi-service-config.yml
+++ b/ansible/roles/doi-service/templates/doi-service-config.yml
@@ -13,6 +13,12 @@ security:
 appServerName: https://{{ doi_service_hostname }}
 loginUrl: {{ auth_cas_url }}/login
 logoutUrl: {{ auth_cas_url }}/logout
+ oidc:
+ clientId: { { clientId | default('') } }
+ secret: { { secret | default('') } }
+ discoveryUri: { { discoveryUri | default('') } }
+ jwt:
+ discoveryUri: { { discoveryUri | default('') } }
 apikey:
 check:
 serviceUrl: {{ auth_base_url }}/apikey/ws/check?apikey=
diff --git a/ansible/roles/doi-service/vars/main.yml b/ansible/roles/doi-service/vars/main.yml
index 1a6442bf5..809aca7fe 100644
--- a/ansible/roles/doi-service/vars/main.yml
+++ b/ansible/roles/doi-service/vars/main.yml
@@ -3,5 +3,5 @@ version: "{{ doi_service_version | default('LATEST') }}"
 artifactId: "doi-service"
 classifier: 'exec'
 groupId: "au.org.ala"
-packaging: "jar"
+packaging: "war"
 doi_service_jar_url: "{{maven_repo_ws_url}}"
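Review bot: In alerts-config.properties the added `security.oidc.*` and `security.jwt.*` lines read the bare variables `clientId`, `secret` and `discoveryUri`, and the same three names are reused in the doi-service-config.yml, image-service-config.yml and logger-config.properties hunks of this commit, so a single inventory value becomes the OIDC client secret of every service and can collide with any unrelated variable named `secret`. Role-prefixed names in the style this file already uses (`alerts_base_url`) keep one credential per client, for example `security.oidc.secret={{ alerts_oidc_secret | default('') }}`, with the value held in Ansible Vault rather than plain inventory. The `default('')` fallback also lets a missing credential render as an empty string without failing the play; if OIDC is meant to be active for a host, `| mandatory` on the secret would surface the gap at deploy time.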
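Review bot: In doi-service-config.yml the four added values are written `{ { clientId | default('') } }` with a space between the braces, which Jinja2 does not treat as an expression, so the text is copied into the rendered file unchanged and YAML then reads it as a nested flow mapping (or rejects it) instead of the client id, secret and discovery URI. The image-service-config.yml hunk in the same commit uses the intended `{{ ... }}` form. Each line should read like `clientId: "{{ clientId | default('') }}"`, and likewise for `secret` and both `discoveryUri` keys; the quotes also keep an empty default from becoming YAML null. The spacing looks like the output of an auto-formatter, so the template may need to be excluded from formatting to stop it recurring.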
diff --git a/ansible/roles/image-service/templates/config/image-service-config.yml b/ansible/roles/image-service/templates/config/image-service-config.yml
index 5bb627271..21deb9231 100644
--- a/ansible/roles/image-service/templates/config/image-service-config.yml
+++ b/ansible/roles/image-service/templates/config/image-service-config.yml
@@ -16,6 +16,12 @@ security:
 casServerLogoutUrl: {{ auth_cas_url }}/logout
 loginUrl: {{ auth_cas_url }}/login
 logoutUrl: {{ auth_cas_url }}/logout
+ oidc:
+ clientId: {{ clientId | default('') }}
+ secret: {{ secret | default('') }}
+ discoveryUri: {{ discoveryUri | default('') }}
+ jwt:
+ discoveryUri: {{ discoveryUri | default('') }}
 apikey:
 ip:
 whitelist: {{ image_service_whitelist | default('') }}
diff --git a/ansible/roles/image-service/vars/main.yml b/ansible/roles/image-service/vars/main.yml
index c8655c1d7..1e6daefec 100644
--- a/ansible/roles/image-service/vars/main.yml
+++ b/ansible/roles/image-service/vars/main.yml
@@ -3,5 +3,5 @@ artifactId: "image-service"
 image_service_url: "{{maven_repo_ws_url}}"
 classifier: 'exec'
 groupId: "au.org.ala"
-packaging: "jar"
+packaging: "war"
 image_service_jar_url: "{{maven_repo_ws_url}}"
diff --git a/ansible/roles/logger-service/templates/logger-config.properties b/ansible/roles/logger-service/templates/logger-config.properties
index c66c86db2..84bf1672e 100644
--- a/ansible/roles/logger-service/templates/logger-config.properties
+++ b/ansible/roles/logger-service/templates/logger-config.properties
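Review bot: The added `secret: {{ secret | default('') }}` in image-service-config.yml is rendered as a plain YAML scalar, so a client secret containing ` #`, `: ` or a leading indicator character would be truncated or change type when the service parses the file, and the empty default renders as null rather than an empty string. Passing the value through a serialising filter avoids both: `secret: {{ secret | default('') | to_json }}`, and the same for `clientId` and the two `discoveryUri` lines. The enclosing `security:` block starts outside the hunk, so its existing unquoted values are not covered by this comment.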
@@ -55,3 +55,9 @@ skin.orgNameLong={{ skin_orgNameLong | default('Atlas of Living Australia') }}
 skin.orgNameShort = {{ orgNameShort | default('ALA') }}
 skin.orgSupportEmail={{ orgSupportEmail | default('support@ala.org.au') }}
 privacyPolicy={{ privacy_policy_url | default('https://www.ala.org.au/about/terms-of-use/privacy-policy/') }}
+
+#oidc related
+security.oidc.clientId={{ clientId | default('') }}
+security.oidc.secret={{ secret | default('') }}
+security.oidc.discoveryUri={{ discoveryUri | default('') }}
+security.jwt.discoveryUri={{ discoveryUri | default('') }}
\ No newline at end of file