Browse Source

configured oauth2-proxy

master
Sean Johnson 5 months ago
parent
commit
8cdd01790e
  1. 12
      app/oauth2_proxy/config.sls
  2. 3
      app/oauth2_proxy/defaults.yaml
  3. 59
      app/oauth2_proxy/init.sls
  4. 1
      app/oauth2_proxy/map.jinja
  5. 44
      app/oauth2_proxy/service.sls

12
app/oauth2_proxy/config.sls

@ -0,0 +1,12 @@ @@ -0,0 +1,12 @@
#!jinja|yaml
---
{% from "app/oauth2_proxy/map.jinja" import config, config_file with context %}
{{ config_file }}:
file.serialize:
- formatter: toml
- dataset: {{ config | tojson }}
- makedirs: true
- user: root
- group: root
- mode: 0640

3
app/oauth2_proxy/defaults.yaml

@ -13,4 +13,7 @@ container: @@ -13,4 +13,7 @@ container:
tag: v7.2.1
settings:
enabled: false
conf_dir: /opt/oauth2-proxy
config: {}

59
app/oauth2_proxy/init.sls

@ -1,55 +1,10 @@ @@ -1,55 +1,10 @@
---
---
{% from "app/oauth2_proxy/map.jinja" import container, settings with context %}
{% set config_file = settings.conf_dir | path_join("settings.cfg") %}
{{ config_file }}:
file.serialize:
- formatter: toml
- dataset: {{ settings | tojson }}
- makedirs: true
- user: root
- group: root
- mode: 0640
oauth2-proxy image:
docker_image.present:
- name: {{ container.image }}
- tag: {{ container.tag }}
{% from "app/oauth2_proxy/map.jinja" import settings with context %}
oauth2-proxy container:
docker_container.running:
- require:
- docker_image: oauth2-proxy image
- watch:
- file: {{ config_file }}
- image: {{ container.image }}:{{ container.tag }}
- name: oauth2-proxy
- detach: true
- privileged: false
- shm_size: {{ container.shm_size }}
- restart_policy: "{{ container.restart }}"
{%- if container.log_options %}
- log_opt:
{%- for key, value in container.log_options.items() %}
- {{ key | yaml_squote }}: {{ value | yaml_dquote }}
{%- endfor %}
{% endif %}
- labels:
- appname=oauth2-proxy
- binds:
- {{ settings.conf_dir }}:/etc/oauth2-proxy:ro
{%- for bind in container.binds %}
- {{ bind }}
{%- endfor %}
{% if container.env %}
- environment:
{%- for key, value in container.env.items() %}
- {{ key }}: {{ value | yaml_squote }}
{%- endfor %}
{% endif %}
- command: >
--config=/etc/oauth2-proxy/settings.cfg
{% if settings.args %}{% for arg in settings.args %} {{ arg }}
{% endfor %}{% endif %}
include:
- .config
{% if settings.enabled is true %}
- .service
{% endif %}

1
app/oauth2_proxy/map.jinja

@ -2,3 +2,4 @@ @@ -2,3 +2,4 @@
{% set container = salt.pillar.get("oauth2-proxy:container", default=defaults["container"], merge=true) %}
{% set settings = salt.pillar.get("oauth2-proxy:settings", default=defaults["settings"], merge=true) %}
{% set config_file = settings.conf_dir | path_join("settings.cfg") %}

44
app/oauth2_proxy/service.sls

@ -0,0 +1,44 @@ @@ -0,0 +1,44 @@
#!jinja|yaml
---
{% from "app/oauth2_proxy/map.jinja" import container, settings, config_file with context %}
oauth2-proxy image:
docker_image.present:
- name: {{ container.image }}
- tag: {{ container.tag }}
oauth2-proxy container:
docker_container.running:
- require:
- docker_image: oauth2-proxy image
- watch:
- file: {{ config_file }}
- image: {{ container.image }}:{{ container.tag }}
- name: oauth2-proxy
- detach: true
- privileged: false
- shm_size: {{ container.shm_size }}
- restart_policy: "{{ container.restart }}"
{%- if container.log_options %}
- log_opt:
{%- for key, value in container.log_options.items() %}
- {{ key | yaml_squote }}: {{ value | yaml_dquote }}
{%- endfor %}
{% endif %}
- labels:
- appname=oauth2-proxy
- binds:
- {{ settings.conf_dir }}:/etc/oauth2-proxy:ro
{%- for bind in container.binds %}
- {{ bind }}
{%- endfor %}
{% if container.env %}
- environment:
{%- for key, value in container.env.items() %}
- {{ key }}: {{ value | yaml_squote }}
{%- endfor %}
{% endif %}
- command: >
--config=/etc/oauth2-proxy/settings.cfg
{% if settings.args %}{% for arg in settings.args %} {{ arg }}
{% endfor %}{% endif %}
Loading…
Cancel
Save