Task #137
openInstall OAuth2 Proxy and use for Authentication
0%
Description
Use OAuth2 Proxy with the existing NGINX reverse proxy to provide authentication for the following services:
- code server
- lidarr
- radarr
- sabnzbd
- sonarr
FR Updated by Frank Refol 16 days ago
- Status changed from New to In Progress
FR Updated by Frank Refol 6 days ago
-
name: Entra ID + OAuth2 Integration
hosts: localhost
connection: local
collections:- azure.azcollection
vars:
app_name: "MyWebApp"
reply_urls:
- "https://mywebapp.local/auth/callback"
identifier_uris:
- "api://mywebapp"
secret_expiry: "2026-01-01T00:00:00Z"tasks:
-
name: Register application in Entra ID
azure_rm_adapplication:
display_name: "{{ app_name }}"
identifier_uris: "{{ identifier_uris }}"
reply_urls: "{{ reply_urls }}"
register: app -
name: Ensure service principal exists
azure_rm_adserviceprincipal:
app_id: "{{ app.app_id }}"
register: sp -
name: Create new OAuth2 client secret (auto-generated)
azure_rm_adappcredential:
app_id: "{{ app.app_id }}"
end_date: "{{ secret_expiry }}"
register: app_secret -
name: Inject secret into OAuth2 role
include_role:
name: oauth2_config
vars:
oauth2_client_id: "{{ app.app_id }}"
oauth2_client_secret: "{{ app_secret.secret_text }}"
oauth2_tenant_id: "{{ lookup('env','AZURE_TENANT') }}"
FR Updated by Frank Refol 5 days ago
- Status changed from In Progress to Done
Coding done. Write documentation.
FR Updated by Frank Refol 5 days ago
- Status changed from Done to Document
FR Updated by Frank Refol 5 days ago
- Status changed from Document to Open
Need to add other services. Completed for Code.