GuillaumeSmaha.gluu-configuration
Ansible Gluu: Configuration Role
==========
gluu-configuration is an Ansible role designed to quickly set up Gluu by adding or updating entries in the LDAP server.
With this role, you can handle the following configurations:
- Global settings (appliances)
- oxAuth JSON configuration
- oxTrust JSON configuration
- Attributes
- OpenId Connect Scopes
- OpenId Connect Clients
- Groups
- Users
- Custom scripts
If you are running in cluster mode, this role will also change the default authentication settings to utilize all servers with the 'LDAP' module. It automatically uses the gluu_internal_hostname variable from each server with the 'LDAP' module.
Note that this role should be executed on only one node within the cluster.
To use cluster mode with this role, all Gluu servers must be in the gluu-servers group, and the Gluu Cluster Manager must be in the gluu-cluster-manager group.
Sections
History
Gluu's open-source server for authentication and API management allows organizations to provide single sign-on, strong authentication, and centralized management.
Requirements
To deploy, you need:
- Ansible version 2.5.15 on your deployment machine. (Using a newer version may cause issues with python-ldap. Please refer to this GitHub issue)
- The following Python packages installed:
- dpath
- pyDes
- python3-ldap
- ldap3
- dnspython
You can install these dependencies by running:
$ pip install -r requirements.txt
Installation
gluu-configuration is available through Ansible Galaxy. To install the gluu-configuration role, use the command below:
$ ansible-galaxy install GuillaumeSmaha.gluu-configuration
Update
To update the role, use the --force parameter during installation. Here’s an example command:
$ ansible-galaxy install --force GuillaumeSmaha.gluu-configuration
Refer to CHANGELOG.md for updates.
Role Variables
You can define several variables in your configuration:
vars:
# Specify a custom version of the package to install.
gluu_version: 3.1.7
# Global parameters for settings:
gluu_appliances:
# JSON operations for the oxTrust configuration.
gluu_oxtrust_json_operations:
# JSON operations for the oxAuth configuration.
gluu_oxauth_json_operations:
# Attributes to be added or updated.
gluu_attributes:
# OpenId Connect Scopes configuration.
gluu_openid_connect_scopes:
# OpenId Connect Clients configuration.
gluu_openid_connect_clients:
# Groups configuration.
gluu_groups:
# Users configuration.
gluu_users:
# Script configuration.
gluu_scripts:
# Multi-node (cluster) setup.
gluu_cluster: False
gluu_ldap_hostname:
gluu_internal_hostname: '{{ gluu_hostname }}'
Deploying
To deploy, follow these steps:
- Create a
hostsfile (refer to the Ansible inventory documentation for help). - Create a playbook for your app, e.g.,
deploy.yml. - Set up the role variables (see Role Variables).
- Include the
GuillaumeSmaha.gluu-configurationrole in your playbook. - Execute the deployment playbook with:
ansible-playbook -i hosts deploy.yml
If everything is set up correctly, this will install the Gluu Cluster Manager.
Example Playbook
In the example folder, you can find a sample project demonstrating how to deploy.
To run it, you need Vagrant set up and the role installed. More information about Vagrant can be found at https://www.vagrantup.com.
Follow these commands:
$ cd example
$ vagrant plugin install vagrant-lxc
$ vagrant plugin install vagrant-hostmanager
$ vagrant up --provider=lxc
$ ansible-galaxy install GuillaumeSmaha.gluu-setup GuillaumeSmaha.gluu-configuration
$ ansible-playbook -i env/ubuntu deploy.yml
$ ansible-playbook -i env/centos deploy.yml
You can access Gluu at:
Login with these credentials:
- Username: myUser
- Password: test
Sample Projects
You can view a complete example of a playbook here:
ansible-galaxy install GuillaumeSmaha.gluu-configuration