Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/gpappsoft/privacyidea-ansible

Ansbile role to deploy privacyidea container from privacyidea-docker project on Ubuntu
https://github.com/gpappsoft/privacyidea-ansible

ansible ansible-role deployment docker mfa otp privacyidea security ubuntu

Last synced: 12 days ago
JSON representation

Ansbile role to deploy privacyidea container from privacyidea-docker project on Ubuntu

Host: GitHub
URL: https://github.com/gpappsoft/privacyidea-ansible
Owner: gpappsoft
License: mit
Created: 2024-10-20T13:14:53.000Z (18 days ago)
Default Branch: main
Last Pushed: 2024-10-21T14:15:49.000Z (17 days ago)
Last Synced: 2024-10-21T21:48:55.963Z (17 days ago)
Topics: ansible, ansible-role, deployment, docker, mfa, otp, privacyidea, security, ubuntu
Language: Shell
Homepage:
Size: 26.4 KB
Stars: 0
Watchers: 0
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

### Install privacyIDEA locally on bare-metal or VM with ansible using docker containers

Easy deploys a privacyIDEA stack with container from [privacyidea-docker](https://github.com/gpappsoft/privacyidea-docker/) project on an Ubuntu 22.04/24.04 VM or bare-metal.

#### Requirements

A fresh:
- Ubuntu 22.04/24.04 LTS base or minimal installation.
- User with sudo privileges

**Do not install the Ubuntu Docker snap-in. The ansible role will install Docker-CE from the official Docker repository.**

#### Setup

Download and copy ```install.sh``` from the release page to the target host and run the script:

```
chmod +x install.sh
./install.sh
```
or build and run your installer on the target host:
```
git clone https://github.com/gpappsoft/privacyidea-ansible.git
cd privacyidea-ansible
# create install.sh with PAYLOAD in /tmp
tar czvf /tmp/privacyidea.tgz privacyidea
cat install.sh /tmp/privacyidea.tgz > /tmp/install.sh
chmod +x /tmp/install.sh
./tmp/installer.sh
```

#### privacyIDEA stack

The stack contains:
- privacyIDEA
- MariaDB Database
- Freeradius with privacyIDEA plugin
- NGINX as a reverse proxy
- OpenLDAP (optional)

Check ```environment.env``` file after installing for privacyIDEA-WebUI admin password (Username: **admin**)

Access to WebUI via HTTPS (443)

#### How to configure

- Use the ```privacyidea/roles/privacyidea/files/environment.env``` file to configure the stack.
- Set service for the stack in ```privacyidea/group_vars/allprivacyidea/group_vars/all```

**SECRET, PEPPER, DB_PASSWORD**, **ENCKEY** and **PI_ADMIN_PASS** will be generated on the first run by the ansible role.

#### Manual deployment with ansible

```
python3 -m venv ~/privacyidea-ansible
source ~/privacyidea-ansible/bin/activate
pip3 install -q ansible-core==2.17.5 ansible==10.5.0
```
Run ansible playbook

```
cd ~/privacyidea-ansible/privacyidea
ansible-playbook -i production site.yml -b
```
To run on multiple hosts or on a remote host, adjust the ```production``` inventory

#### Bugs/TODOs:
- Only **Ubuntu** (22.04/24.04) supported at the moment

#### Disclaimer

This project is my private project doing in my spare time. This project is not from the NetKnights company. The project uses the open-source version of privacyIDEA. There is no official support from NetKnights for this project.