External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-01-27 00:21:30 -03:30
Code Issues Packages Projects Releases Wiki Activity
awx/tools/docker-compose/ansible/roles/sources/defaults/main.yml
Seth Foster d43c91e1a5
Option for dev env to enable ssl for postgres (#15151) 
PG_TLS=true make docker-compose

This will add some extra startup commands
for the postgres container to generate a key and
cert to use for postgres connections.
It will also mount in pgssl.conf which has ssl configuration.

This can be useful for debugging issues that only surface
when using ssl postgres connections.
2024-06-05 12:48:08 -04:00

68 lines
2.4 KiB
YAML
Raw Blame History

---
compose_name: 'docker-compose.yml'
awx_image: 'ghcr.io/ansible/awx_devel'
pg_port: 5432
pg_username: 'awx'
pg_database: 'awx'
pg_tls: false
control_plane_node_count: 1
minikube_container_group: false
receptor_socket_file: /var/run/awx-receptor/receptor.sock
receptor_image: quay.io/ansible/receptor:devel
ingress_path: /
api_urlpattern_prefix: ''
# Keys for signing work
receptor_rsa_bits: 4096
receptor_work_sign_reconfigure: false
sign_work: no # currently defaults to no because openssl version mismatch causes "unknown block type PRIVATE KEY"
work_sign_key_dir: '../_sources/receptor'
work_sign_private_keyfile: "{{ work_sign_key_dir }}/work_private_key.pem"
work_sign_public_keyfile: "{{ work_sign_key_dir }}/work_public_key.pem"
# SSO variables
enable_keycloak: false
enable_ldap: false
ldap_public_key_file_name: 'ldap.cert'
ldap_private_key_file_name: 'ldap.key'
ldap_cert_dir: '{{ sources_dest }}/ldap_certs'
ldap_diff_dir: '{{ sources_dest }}/ldap_diffs'
ldap_public_key_file: '{{ ldap_cert_dir }}/{{ ldap_public_key_file_name }}'
ldap_private_key_file: '{{ ldap_cert_dir }}/{{ ldap_private_key_file_name }}'
ldap_cert_subject: "/C=US/ST=NC/L=Durham/O=awx/CN="
# Hashicorp Vault
enable_vault: false
vault_tls: false
hashivault_cert_dir: '{{ sources_dest }}/vault_certs'
hashivault_vars_file: '../vault/defaults/main.yml'
hashivault_server_cert_subject: "/C=US/ST=NC/L=Durham/O=awx/CN=tools-vault-1"
hashivault_server_cert_extensions:
- "subjectAltName = DNS:tools_vault_1, DNS:localhost"
- "keyUsage = digitalSignature, nonRepudiation"
- "extendedKeyUsage = serverAuth"
hashivault_client_cert_extensions:
- "subjectAltName = DNS:awx-vault-client"
- "keyUsage = digitalSignature, nonRepudiation"
- "extendedKeyUsage = serverAuth, clientAuth"
hashivault_client_cert_subject: "/C=US/ST=NC/L=Durham/O=awx/CN=awx-vault-client"
hashivault_server_public_keyfile: '{{ hashivault_cert_dir }}/server.crt'
hashivault_server_private_keyfile: '{{ hashivault_cert_dir }}/server.key'
hashivault_client_public_keyfile: '{{ hashivault_cert_dir }}/client.crt'
hashivault_client_private_keyfile: '{{ hashivault_cert_dir }}/client.key'
# Metrics
enable_splunk: false
enable_grafana: false
enable_prometheus: false
scrape_interval: '5s'
# pgbouncer
enable_pgbouncer: false
pgbouncer_port: 6432
pgbouncer_max_pool_size: 70
# editable_dependencies
install_editable_dependencies: false
editable_dependencies: []
Reference in New Issue View Git Blame Copy Permalink