Integrate production OpenQA instance with accounts.rockylinux.org #6

Closed
opened 2023-01-21 05:07:47 +00:00 by tcooper · 2 comments

OpenQA supports either OpenID or OAuth2 for authentication (http://open.qa/docs/#authentication) and we would like to use one of those methods (your choice) to integrate with Rocky Account Services and require assistance of infra to get this setup.

OpenQA supports either OpenID or OAuth2 for authentication (http://open.qa/docs/#authentication) and we would like to use one of those methods (your choice) to integrate with Rocky Account Services and require assistance of infra to get this setup.
neil self-assigned this 2023-01-21 06:13:59 +00:00
Owner
  • Configured DNS for openqa.rockylinux.org to proxy to aws instance via cloudflare
  • setup LetsEncrypt to provision certificate for host
  • added authentication configuration (below) to point to Ipsilon
[auth]
method = OpenID

[openid]
provider = https://accounts.rockylinux.org/idp/
httpsonly = 1

Also needed to grant self and trevor admin rights in the database.

$ sudo -u postgres psql openqa

openqa=# BEGIN;
openqa=# UPDATE users SET is_admin = 1, is_operator = 1 WHERE id IN (3,4);
openqa=# COMMIT;
* Configured DNS for openqa.rockylinux.org to proxy to aws instance via cloudflare * setup LetsEncrypt to provision certificate for host * added authentication configuration (below) to point to Ipsilon ``` [auth] method = OpenID [openid] provider = https://accounts.rockylinux.org/idp/ httpsonly = 1 ``` Also needed to grant self and trevor admin rights in the database. ``` $ sudo -u postgres psql openqa openqa=# BEGIN; openqa=# UPDATE users SET is_admin = 1, is_operator = 1 WHERE id IN (3,4); openqa=# COMMIT; ```
Author

Verified DNS, SSL and OpenID setup is complete. Thank you.

Verified DNS, SSL and OpenID setup is complete. Thank you.
Sign in to join this conversation.
No description provided.