Update to 2022-01-28 00:00

2025-10-31 10:51:27 +01:00 · 2022-01-28 00:00:19 +01:00
parent 6870f5b171
commit c614bcb149
7 changed files with 104 additions and 17 deletions
--- a/roles/taiga/defaults/main.yml
+++ b/roles/taiga/defaults/main.yml
@@ -2,6 +2,8 @@

 # Version to deploy
 taiga_version: 6.5.0
+# Should ansible handle upgrades ? If False, only the initial install will be done
+taiga_manage_upgrade: True
 # Where taiga will be installed
 taiga_root_dir: /opt/taiga
 # User under which taiga will run (will be created)
@@ -62,6 +64,8 @@ taiga_public_url: https://{{ inventory_hostname }}/

 # Registration enabled ?
 taiga_user_registration: False
+# If registration is enabled (or if oidc auth is enabled), you can restrict email domains accepted by taiga
+taiga_user_registration_allowed_domains: []
 # Max upload file size (in MB)
 taiga_max_upload_file_size: 20

@@ -74,3 +78,18 @@ taiga_smtp_ssl: "{{ (taiga_smtp_port == 465) | ternary(True, False) }}"
 # If your SMTP server requires an authentication, set the following variables
 #taiga_smtp_user: taiga@example.org
 #taiga_smtp_pass: p@ssw0rd
+
+# OIDC authentication
+taiga_oidc_auth: False
+taiga_oidc_auth_url: https://sso.{{ ansible_domain }}/oauth2/authorize
+taiga_oidc_user_url: https://sso.{{ ansible_domain }}/oauth2/userinfo
+taiga_oidc_token_url: https://sso.{{ ansible_domain }}/oauth2/token
+taiga_oidc_scope: openid email profile
+taiga_oidc_name: SSO ({{ ansible_domain }})
+taiga_oidc_client_id: taiga
+# taiga_oidc_client_secret must be provided
+# taiga_oidc_client_secret: S3cr3t.
+taiga_oidc_id_field: sub
+taiga_oidc_user_field: sub
+taiga_oidc_fullname_field: name
+taiga_oidc_email_field: email