r/ouranos
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

docs: rewrite README with structured overview and quick start guide

Browse Source 
Replaces the minimal project description with a comprehensive README
including a component overview table, quick start instructions, common
Ansible operations, and links to detailed documentation. Aligns with
Red Panda Approval™ standards.
This commit is contained in:
Robert
2026-03-03 12:49:06 +00:00
parent c7be03a743
commit b4d60f2f38
219 changed files with 34586 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

55
ansible/pplg/config_local.py.j2 Normal file
View File

@@ -0,0 +1,55 @@
# PgAdmin4 Local Configuration - Managed by Ansible
# Gunicorn-based deployment (no Apache) with Casdoor OAuth SSO
# Red Panda Approved
import os
# Server settings
DEFAULT_SERVER = '0.0.0.0'
DEFAULT_SERVER_PORT = {{pgadmin_port}}
# Data directory
DATA_DIR = '{{pgadmin_data_dir}}'
SESSION_DB_PATH = os.path.join(DATA_DIR, 'sessions')
STORAGE_DIR = os.path.join(DATA_DIR, 'storage')
SQLITE_PATH = os.path.join(DATA_DIR, 'pgadmin4.db')
# Log settings
LOG_FILE = '{{pgadmin_log_dir}}/pgadmin4.log'
# Default admin credentials (for initial setup)
SETUP_EMAIL = '{{pgadmin_email}}'
SETUP_PASSWORD = '{{pgadmin_password}}'
# Authentication - OAuth2 (Casdoor) + internal fallback
AUTHENTICATION_SOURCES = ['oauth2', 'internal']
# Master password disabled (use OAuth)
MASTER_PASSWORD_REQUIRED = False
# Reverse proxy settings (Titania HAProxy -> Prospero HAProxy -> Gunicorn)
ENHANCED_COOKIE_PROTECTION = False
PROXY_X_FOR_COUNT = 2
PROXY_X_PROTO_COUNT = 2
PROXY_X_HOST_COUNT = 2
X_FRAME_OPTIONS = 'SAMEORIGIN'
SESSION_COOKIE_SECURE = True
SESSION_COOKIE_SAMESITE = 'Lax'
WTF_CSRF_SSL_STRICT = False
# OAuth2 Configuration (Casdoor OIDC)
OAUTH2_AUTO_CREATE_USER = True
OAUTH2_CONFIG = [{
'OAUTH2_NAME': 'Casdoor',
'OAUTH2_DISPLAY_NAME': 'Casdoor SSO',
'OAUTH2_CLIENT_ID': '{{pgadmin_oauth_client_id}}',
'OAUTH2_CLIENT_SECRET': '{{pgadmin_oauth_client_secret}}',
'OAUTH2_TOKEN_URL': 'https://id.ouranos.helu.ca/api/login/oauth/access_token',
'OAUTH2_AUTHORIZATION_URL': 'https://id.ouranos.helu.ca/login/oauth/authorize',
'OAUTH2_API_BASE_URL': 'https://id.ouranos.helu.ca/',
'OAUTH2_USERINFO_ENDPOINT': 'api/userinfo',
'OAUTH2_SERVER_METADATA_URL': 'https://id.ouranos.helu.ca/.well-known/openid-configuration',
'OAUTH2_SCOPE': 'openid profile email',
'OAUTH2_ICON': 'fa-openid',
'OAUTH2_BUTTON_COLOR': '#2db7f5',
}]