diff --git a/defaults/main/ood_portal.yml b/defaults/main/ood_portal.yml index 39eb865..75c00c4 100644 --- a/defaults/main/ood_portal.yml +++ b/defaults/main/ood_portal.yml @@ -100,6 +100,8 @@ oidc_settings_samefile: false # register_uri: # register_root: +# register_method: 'Alias' +# register_method_options: null # # Apache for mod_auth_openidc, default undef # ood_auth_openidc: diff --git a/molecule/default/fixtures/config/ood_portal.yml.custom.apache2 b/molecule/default/fixtures/config/ood_portal.yml.custom.apache2 index 41ed403..3e0d975 100644 --- a/molecule/default/fixtures/config/ood_portal.yml.custom.apache2 +++ b/molecule/default/fixtures/config/ood_portal.yml.custom.apache2 @@ -398,6 +398,20 @@ oidc_uri: /custom-oidc-path # Default: null (display error to user if mapping fails) #register_root: null +# Method for url used to register an unmapped user +# Example: +# register_method: 'ScriptAlias' +# Default: 'Alias' +register_method: 'Alias' + +# List of SSL Apache directives added to register an unmapped user +# Example: +# register_method: +# - 'WSGIDaemonProcess register user=www-data group=www-data threads=5 home=/var/www/flask-apps/register' +# Default: null +register_method_options: + - 'WSGIDaemonProcess register user=www-data group=www-data threads=5 home=/var/www/flask-apps/register' + # OIDC metadata URL # Example: # oidc_provider_metadata_url: https://example.com:5554/.well-known/openid-configuration diff --git a/molecule/default/fixtures/config/ood_portal.yml.custom.httpd b/molecule/default/fixtures/config/ood_portal.yml.custom.httpd index 1cded5d..302ab8a 100644 --- a/molecule/default/fixtures/config/ood_portal.yml.custom.httpd +++ b/molecule/default/fixtures/config/ood_portal.yml.custom.httpd @@ -398,6 +398,20 @@ oidc_uri: /custom-oidc-path # Default: null (display error to user if mapping fails) #register_root: null +# Method for url used to register an unmapped user +# Example: +# register_method: 'ScriptAlias' +# Default: 'Alias' +register_method: 'Alias' + +# List of SSL Apache directives added to register an unmapped user +# Example: +# register_method: +# - 'WSGIDaemonProcess register user=www-data group=www-data threads=5 home=/var/www/flask-apps/register' +# Default: null +register_method_options: + - 'WSGIDaemonProcess register user=www-data group=www-data threads=5 home=/var/www/flask-apps/register' + # OIDC metadata URL # Example: # oidc_provider_metadata_url: https://example.com:5554/.well-known/openid-configuration diff --git a/molecule/default/fixtures/config/ood_portal.yml.default.apache2 b/molecule/default/fixtures/config/ood_portal.yml.default.apache2 index 5d13fb9..ec428a3 100644 --- a/molecule/default/fixtures/config/ood_portal.yml.default.apache2 +++ b/molecule/default/fixtures/config/ood_portal.yml.default.apache2 @@ -387,6 +387,19 @@ pun_max_retries: 5 # Default: null (display error to user if mapping fails) #register_root: null +# Method for url used to register an unmapped user +# Example: +# register_method: 'ScriptAlias' +# Default: 'Alias' +#register_method: 'Alias' + +# List of SSL Apache directives added to register an unmapped user +# Example: +# register_method: +# - 'WSGIDaemonProcess register user=www-data group=www-data threads=5 home=/var/www/flask-apps/register' +# Default: null +#register_method_options: null + # OIDC metadata URL # Example: # oidc_provider_metadata_url: https://example.com:5554/.well-known/openid-configuration diff --git a/molecule/default/fixtures/config/ood_portal.yml.default.httpd b/molecule/default/fixtures/config/ood_portal.yml.default.httpd index 951bd0e..c9bc079 100644 --- a/molecule/default/fixtures/config/ood_portal.yml.default.httpd +++ b/molecule/default/fixtures/config/ood_portal.yml.default.httpd @@ -387,6 +387,19 @@ pun_max_retries: 5 # Default: null (display error to user if mapping fails) #register_root: null +# Method for url used to register an unmapped user +# Example: +# register_method: 'ScriptAlias' +# Default: 'Alias' +#register_method: 'Alias' + +# List of SSL Apache directives added to register an unmapped user +# Example: +# register_method: +# - 'WSGIDaemonProcess register user=www-data group=www-data threads=5 home=/var/www/flask-apps/register' +# Default: null +#register_method_options: null + # OIDC metadata URL # Example: # oidc_provider_metadata_url: https://example.com:5554/.well-known/openid-configuration diff --git a/molecule/default/fixtures/config/ood_portal.yml.oidc.apache2 b/molecule/default/fixtures/config/ood_portal.yml.oidc.apache2 index 4316a51..e45f105 100644 --- a/molecule/default/fixtures/config/ood_portal.yml.oidc.apache2 +++ b/molecule/default/fixtures/config/ood_portal.yml.oidc.apache2 @@ -388,6 +388,19 @@ oidc_discover_root: /var/www/ood/discover # Default: null (display error to user if mapping fails) #register_root: null +# Method for url used to register an unmapped user +# Example: +# register_method: 'ScriptAlias' +# Default: 'Alias' +#register_method: 'Alias' + +# List of SSL Apache directives added to register an unmapped user +# Example: +# register_method: +# - 'WSGIDaemonProcess register user=www-data group=www-data threads=5 home=/var/www/flask-apps/register' +# Default: null +#register_method_options: null + # OIDC metadata URL # Example: # oidc_provider_metadata_url: https://example.com:5554/.well-known/openid-configuration diff --git a/molecule/default/fixtures/config/ood_portal.yml.oidc.httpd b/molecule/default/fixtures/config/ood_portal.yml.oidc.httpd index 0b1cfbc..26a2e58 100644 --- a/molecule/default/fixtures/config/ood_portal.yml.oidc.httpd +++ b/molecule/default/fixtures/config/ood_portal.yml.oidc.httpd @@ -388,6 +388,19 @@ oidc_discover_root: /var/www/ood/discover # Default: null (display error to user if mapping fails) #register_root: null +# Method for url used to register an unmapped user +# Example: +# register_method: 'ScriptAlias' +# Default: 'Alias' +#register_method: 'Alias' + +# List of SSL Apache directives added to register an unmapped user +# Example: +# register_method: +# - 'WSGIDaemonProcess register user=www-data group=www-data threads=5 home=/var/www/flask-apps/register' +# Default: null +#register_method_options: null + # OIDC metadata URL # Example: # oidc_provider_metadata_url: https://example.com:5554/.well-known/openid-configuration diff --git a/molecule/default/vars/portal.yml b/molecule/default/vars/portal.yml index 17683f5..63c56ea 100644 --- a/molecule/default/vars/portal.yml +++ b/molecule/default/vars/portal.yml @@ -37,4 +37,8 @@ ood_auth_openidc: OIDCCryptoPassphrase: mycryptopass strip_proxy_cookies: ["mod_auth_openidc_session"] -strip_proxy_headers: ["Authorization", "OIDC_access_token"] \ No newline at end of file +strip_proxy_headers: ["Authorization", "OIDC_access_token"] + +register_method: Alias +register_method_options: + - 'WSGIDaemonProcess register user=www-data group=www-data threads=5 home=/var/www/flask-apps/register' \ No newline at end of file diff --git a/templates/ood_portal.yml.j2 b/templates/ood_portal.yml.j2 index 6dfef3b..76ebaef 100644 --- a/templates/ood_portal.yml.j2 +++ b/templates/ood_portal.yml.j2 @@ -487,6 +487,27 @@ pun_max_retries: {{ pun_max_retries }} {% else %}#register_root: null {% endif %} +# Method for url used to register an unmapped user +# Example: +# register_method: 'ScriptAlias' +# Default: 'Alias' +{% if register_method is defined %}register_method: '{{ register_method }}' +{% else %}#register_method: 'Alias' +{% endif %} + +# List of SSL Apache directives added to register an unmapped user +# Example: +# register_method: +# - 'WSGIDaemonProcess register user=www-data group=www-data threads=5 home=/var/www/flask-apps/register' +# Default: null +{% if register_method_options is defined %} +register_method_options: +{% for option in register_method_options %} + - '{{ option }}' +{% endfor %} +{% else %}#register_method_options: null +{% endif %} + # OIDC metadata URL # Example: # oidc_provider_metadata_url: https://example.com:5554/.well-known/openid-configuration