migrate sso role

uwsgi-python/handlers/main.yml

@@ -18,3 +18,6 @@
   
 - name: restart uwsgi instance boxes
   service: name="uwsgi@boxes" state=restarted
+
+- name: restart uwsgi instance sso
+  service: name="uwsgi@sso" state=restarted

uwsgi-python/templates/apps/sso.j2

+DEBUG = False
+
+from common.auth import LdapManager, ADManager
+
+{% if sso_auth_use_ad %}
+AUTH_MANAGER = ADManager(
+    host="{{ sso_auth_host }}",
+    domain="{{ sso_auth_domain }}",
+    user_dn="{{ sso_auth_user_dn }}",
+    group_dn="{{ sso_auth_group_dn }}",
+    ca_cert="{{ sso_auth_ca_cert }}")
+{% else %}
+AUTH_MANAGER = LdapManager(
+    host="{{ sso_auth_host }}",
+    user_dn="{{ sso_auth_user_dn }}",
+    group_dn="{{ sso_auth_group_dn }}")
+{% endif %}
+
+SESSION_COOKIE_DOMAIN = "{{ sso_domain }}"
+SESSION_COOKIE_NAME = "SSO-{}-SESSION".format(SESSION_COOKIE_DOMAIN.split(".")[0].upper())
+SESSION_COOKIE_HTTPONLY = True
+SESSION_REFRESH_EACH_REQUEST = True
+SESSION_COOKIE_SECURE = True
+
+from secret_config import secret_key as SECRET_KEY

uwsgi-python/vars/sso.yml

+app_name: sso
+app_user: sso
+app_group: sso
+app_home: /var/www/sso
+app_path: /var/www/sso/program
+app_python_version: 3
+app_venv: /var/www/sso/program
+app_program: sso.py
+app_callable: app
+app_command: ""
+app_mountpoint: /
+
+app_db_name: ""
+
+app_deploy_key: "{{ inventory_dir }}/files/deploy-keys/sso"
+app_git_url: "git@git.fsmpi.rwth-aachen.de:infra/sso.git"
+app_git_version: HEAD
+
+app_config_file: config.py
+app_secret_config: true
+
+app_additional_software: []
+
+sso_auth_use_ad: yes
+sso_auth_host: auth.example.com
+sso_auth_user_dn: "cn=users,dc=example,dc=com"
+sso_auth_group_dn: "dc=example,dc=com"
+sso_auth_ca_cert: ''
+sso_auth_domain: EXAMPLE
+
+sso_domain: "{{ domain }}"
+