Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/gpappsoft/privacyidea-ansible
Ansbile role to deploy privacyidea container from privacyidea-docker project on Ubuntu
https://github.com/gpappsoft/privacyidea-ansible
ansible ansible-role deployment docker mfa otp privacyidea security ubuntu
Last synced: 8 days ago
JSON representation
Ansbile role to deploy privacyidea container from privacyidea-docker project on Ubuntu
- Host: GitHub
- URL: https://github.com/gpappsoft/privacyidea-ansible
- Owner: gpappsoft
- License: mit
- Created: 2024-10-20T13:14:53.000Z (2 months ago)
- Default Branch: main
- Last Pushed: 2024-10-23T07:55:00.000Z (2 months ago)
- Last Synced: 2024-10-28T06:31:16.796Z (about 2 months ago)
- Topics: ansible, ansible-role, deployment, docker, mfa, otp, privacyidea, security, ubuntu
- Language: Shell
- Homepage:
- Size: 42 KB
- Stars: 0
- Watchers: 0
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
### Install privacyIDEA locally on bare-metal or VM with ansible using docker containers
Easy deploys a privacyIDEA stack with container from [privacyidea-docker](https://github.com/gpappsoft/privacyidea-docker/) project on an Ubuntu 22.04/24.04 VM or bare-metal.
#### Requirements
A fresh:
- Ubuntu 22.04/24.04 LTS base or minimal installation.
- User with sudo privileges**Do not install the Ubuntu Docker snap-in. The ansible role will install Docker-CE from the official Docker repository.**
#### Setup
Download and copy ```install.sh``` from the release page to the target host and run the script:
```
chmod +x install.sh
./install.sh
```
or build and run your installer on the target host:
```
git clone https://github.com/gpappsoft/privacyidea-ansible.git
cd privacyidea-ansible
# create install.sh with PAYLOAD in /tmp
tar czvf /tmp/privacyidea.tgz privacyidea
cat install.sh /tmp/privacyidea.tgz > /tmp/install.sh
chmod +x /tmp/install.sh
./tmp/installer.sh
```#### privacyIDEA stack
The stack contains:
- privacyIDEA
- MariaDB Database
- Freeradius with privacyIDEA plugin
- NGINX as a reverse proxy
- OpenLDAP (optional)Check ```environment.env``` file after installing for privacyIDEA-WebUI admin password (Username: **admin**)
Access to WebUI via HTTPS (443)
#### How to configure
- Use the ```privacyidea/roles/privacyidea/files/environment.env``` file to configure the stack.
- Set service for the stack in ```privacyidea/group_vars/allprivacyidea/group_vars/all```**SECRET, PEPPER, DB_PASSWORD**, **ENCKEY** and **PI_ADMIN_PASS** will be generated on the first run by the ansible role.
#### Manual deployment with ansible
```
python3 -m venv ~/privacyidea-ansible
source ~/privacyidea-ansible/bin/activate
pip3 install -q ansible-core==2.17.5 ansible==10.5.0
```
Run ansible playbook```
cd ~/privacyidea-ansible/privacyidea
ansible-playbook -i production site.yml -b
```
To run on multiple hosts or on a remote host, adjust the ```production``` inventory#### Bugs/TODOs:
- Only **Ubuntu** (22.04/24.04) supported at the moment#### Disclaimer
This project is my private project doing in my spare time. This project is not from the NetKnights company. The project uses the open-source version of privacyIDEA. There is no official support from NetKnights for this project.