# File 'modules/oauth2_proxy/manifests/oidc.pp', line 16
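# Installs oauth2-proxy, renders /etc/oauth2-proxy.cfg from the
# oauth2_proxy/oidc.erb template and keeps the oauth2-proxy service running.
#
# The template is not visible here; the parameters below are presumably
# consumed by it. Because two of them are Sensitive, the rendered file content
# is treated as Sensitive as well.
class oauth2_proxy::oidc (
  Array[String[1]]     $upstreams,
  String[1]            $client_id,
  Sensitive[String[1]] $client_secret,
  Sensitive[String[1]] $cookie_secret,
  String[1]            $cookie_domain,
  Stdlib::HTTPSUrl     $redirect_url,
  # NOTE(review): '*' presumably admits any e-mail domain the issuer
  # authenticates; confirm that callers who rely on the default intend this.
  String[1]            $email_domain     = '*',
  Stdlib::HTTPSUrl     $issuer_url       = 'https://idp.wikimedia.org/oidc',
  # Default binds to loopback only.
  String[1]            $listen_address   = '127.0.0.1:4180',
  # NOTE(review): unlike $upstreams, entries here are not constrained to be
  # non-empty. If the template passes them on as route patterns, an empty
  # entry may match more than intended; verify against the template.
  Array[String]        $skip_auth_routes = [],
) {
  ensure_packages(['oauth2-proxy'])

  # Reject the catalog early when the cookie secret has an unusable size.
  # `length` counts characters, so this equals the byte count only when the
  # secret consists of single-byte characters.
  unless $cookie_secret.unwrap.length in [16, 24, 32] {
    fail('Cookie secret length must be 16, 24 or 32 bytes')
  }

  service { 'oauth2-proxy':
    ensure => running,
  }

  # Config file presumably carries the unwrapped secrets: readable by the
  # service user and root's group only, never world-readable.
  file { '/etc/oauth2-proxy.cfg':
    ensure    => present,
    owner     => 'oauth2-proxy',
    group     => 'root',
    mode      => '0440',
    # Wrap the rendered template so the secret-bearing content is redacted in
    # reports and stored catalogs instead of appearing as a plain string.
    content   => Sensitive(template('oauth2_proxy/oidc.erb')),
    notify    => Service['oauth2-proxy'],
    # Kept as defence in depth alongside the Sensitive content.
    show_diff => false,
    require   => Package['oauth2-proxy'],
  }
}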