Puppet Class: oauth2_proxy

Defined in:
manifests/init.pp

Summary

Class to install and configure an oauth2_proxy

Overview

Parameters:

  • manage_user (Boolean) (defaults to: true)

    Should the module manage the user creation Default: true

  • manage_group (Boolean) (defaults to: true)

    Should the module manage the group creation Default: true

  • manage_service (Boolean) (defaults to: true)

    Should the module manage the systemd service Default: true

  • user (String) (defaults to: 'oauth2')

    The useraccount to create the files needed for the proxy Default: ‘oauth2’

  • group (String) (defaults to: 'oauth2')

    The users group accountname Default: same as user

  • install_root (Stdlib::Unixpath) (defaults to: '/opt/oauth2_proxy')

    The path where the proxy will be installed Default: ‘/opt/oauth2_proxy’

  • version (String) (defaults to: '7.3.0')

    The version of oauth2_proxy to install Default: ‘7.3.0’

  • source_base_url (Stdlib::HTTPUrl) (defaults to: "https://github.com/oauth2-proxy/oauth2-proxy/releases/download/v${version}")

    The base URL where the software tarball can be found Default: “github.com/oauth2-proxy/oauth2-proxy/releases/download/v$version”

  • tarball_name (String) (defaults to: "oauth2-proxy-v${version}.linux-amd64.tar.gz")

    The name of the tarball Default: “oauth2-proxy-v$version.linux-amd64.tar.gz”

  • provider (String) (defaults to: 'systemd')

    Provider to use Default: ‘systemd’

  • shell

    Shell to use for oauth2 user Default: ‘/sbin/nologin’

  • systemd_path

    Path of systemd Default: ‘/usr/lib/systemd/system’

  • instances (Optional[Hash]) (defaults to: undef)

    A Hash of oauth2_proxy instances and its configuration Default: ‘/usr/lib/systemd/system’



30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
 
# File 'manifests/init.pp', line 30

class oauth2_proxy (
  String           $group           = 'oauth2',
  Stdlib::Unixpath $install_root    = '/opt/oauth2_proxy',
  Optional[Hash]   $instances       = undef,
  Boolean          $manage_group    = true,
  Boolean          $manage_service  = true,
  Boolean          $manage_user     = true,
  String           $provider        = 'systemd',
  String           $version         = '7.3.0',
  Stdlib::HTTPUrl  $source_base_url = "https://github.com/oauth2-proxy/oauth2-proxy/releases/download/v${version}",
  String           $tarball_name    = "oauth2-proxy-v${version}.linux-amd64.tar.gz",
  String           $user            = 'oauth2',
) {

  # in theory, this module should work on any linux distro that uses systemd
  # but it has only been tested on el7
  case $facts[os][family] {
    'RedHat': {
      $shell = '/sbin/nologin'
      $systemd_path = '/usr/lib/systemd/system'
    }
    'Debian': {
      $shell = '/usr/sbin/nologin'
      $systemd_path = '/etc/systemd/system'
    }
    default: {
      fail("Module ${module_name} is not supported on operatingsystem ${facts[os][family]}")
    }
  }

  # bit.ly does not provide x86 builds
  case $facts[os][architecture] {
    'x86_64': {}
    'amd64': {}
    default: {
      fail("Module ${module_name} is not supported on architecture ${facts[os][architecture]}")
    }
  }

  if $manage_user {
    user { $user:
      gid    => $group,
      system => true,
      home   => '/',
      shell  => $shell,
    }
  }

  if $manage_group {
    group { $group:
      ensure => present,
      system => true,
    }
  }

  class { 'oauth2_proxy::install': }

  if $instances {
    create_resources('oauth2_proxy::instance', $instances)
  }

}