Install and configure oauth2_proxy for LSST SQuaRE infrastructure.
- hosts: servers
roles:
- { role: lsst-sqre.oauth2_proxy }
For complete documentation on options see the oauth2_proxy documentation. This role only implements a subset of options. These options are not passed as command line options but are instead put into a configuration file at /etc/oauth2_proxy/oauth2_proxy.conf
using a template.
oauth2_proxy_client_id
(required) The oauth2_proxy client-id option.
oauth2_proxy_client_secret
(required) The oauth2_proxy client-secret option.
oauth2_proxy_cookie_secret
(required) The oauth2_proxy client-secret option.
oauth2_proxy_cookie_domain
(default "") The oauth2_proxy cookie-domain option.
oauth2_proxy_cookie_expire
(default "730h") The oauth2_proxy cookie-expire option.
oauth2_proxy_cookie_name
(default "_oauth2_proxy") The oauth2_proxy cookie-name option.
oauth2_proxy_cookie_secure
(default true) The oauth2_proxy cookie-secure option.
oauth2_proxy_email_domains
(list, default ["*"]) The oauth2_proxy email-domains option.
oauth2_proxy_github_org
(default "") The oauth2_proxy github-org option.
oauth2_proxy_pass_access_token
(default false) The oauth2_proxy pass-access-token option.
oauth2_proxy_pass_host_header
(default true) The oauth2_proxy pass-host-header option.
oauth2_proxy_provider
(default "github") The oauth2_proxy provider option.
The MIT License. See the LICENSE file.