From d231accd45a87c2ea22f15c723a327c48bcf7860 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jakub=20Soko=C5=82owski?= <jakub@status.im>
Date: Mon, 11 Apr 2022 11:26:38 +0200
Subject: [PATCH] logs.nimbus: refactor OAuth container setup
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This is to take into account changes made in:
https://github.com/status-im/infra-role-oauth-proxy/commit/4dd42c56

Signed-off-by: Jakub Sokołowski <jakub@status.im>
---
 ansible/group_vars/logs.nimbus.yml | 18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)

diff --git a/ansible/group_vars/logs.nimbus.yml b/ansible/group_vars/logs.nimbus.yml
index 347c184..455e3a6 100644
--- a/ansible/group_vars/logs.nimbus.yml
+++ b/ansible/group_vars/logs.nimbus.yml
@@ -12,6 +12,7 @@ swap_file_size_mb: 2048
 
 # ElasticSearch Cluster
 es_service_name: 'elasticsearch'
+es_service_path: '/docker/{{ es_service_name }}'
 es_cluster_name: 'nimbus-logs-search'
 es_docker_network_name: '{{ es_service_name }}'
 es_master_nodes: |
@@ -47,23 +48,24 @@ es_hq_cont_enabled: true
 es_hq_cont_port: 5000
 
 # oauth access
+oauth_service_name: '{{ es_hq_cont_name }}-oauth'
+oauth_service_path: '{{ es_service_path }}/oauth'
 oauth_domain: 'nimbus-es.infra.status.im'
-oauth_cont_name: '{{ es_hq_cont_name }}-oauth'
-oauth_cont_networks: [{name: '{{ es_docker_network_name }}'}]
-oauth_upstream_name: 'hq'
+oauth_cont_networks: ['{{ es_docker_network_name }}']
+oauth_upstream_addr: 'hq'
 oauth_upstream_port: '{{ es_hq_cont_port }}'
-oauth_public_port: 443
-oauth_local_port: 8090
-oauth_cookie_secret: '{{ lookup("bitwarden", "cookie-secret", field="secret") }}'
+oauth_local_port: 4180
+oauth_provider: 'github'
 oauth_id: '{{ lookup("bitwarden", "nimbus/elastic-hq/oauth", field="client-id") }}'
 oauth_secret: '{{ lookup("bitwarden", "nimbus/elastic-hq/oauth", field="secret") }}'
+oauth_cookie_secret: '{{ lookup("bitwarden", "nimbus/elastic-hq/oauth", field="cookie-secret") }}'
 
 # Open Ports
 open_ports_default_comment: 'ElasticSearch'
 open_ports_default_chain: 'VPN'
 open_ports_list:
-  - { port: 80,  protocol: 'tcp', chain: 'SERVICES' }
-  - { port: 443, protocol: 'tcp', chain: 'SERVICES' }
+  - { port: 80,  chain: 'SERVICES' }
+  - { port: 443, chain: 'SERVICES' }
   - { port: '{{ es_api_port }}',      ipset: 'logs.nimbus' }
   - { port: '{{ es_api_port  }}',     ipset: 'dash.nimbus' }
   - { port: '{{ es_api_port  }}',     ipset: 'log-aggr.hq' }