hpr_transcripts/hpr3718.txt

Episode: 3718
Title: HPR3718: Making Ansible playbooks to configure Single Sign On for popular open source applications
Source: https://hub.hackerpublicradio.org/ccdn.php?filename=/eps/hpr3718/hpr3718.mp3
Transcribed: 2025-10-25 04:37:05

---

This is Hacker Public Radio Episode 3,718 for Wednesday, 2 November 2022.
Today's show is entitled, Making Ansible Playbooks to Configure Single Sign-On for Popular
Open Source Applications.
It is part of the series Networking.
It is hosted by Jaron Baton.
It carries a clean flag.
The summary is a small introduction into my latest project when I spoke at the recent
NextClow 2022 conference.
Hey, we are arriving at the end of the lighting talks.
However, we got one request for doing a plug, which might be of interest of us as the
next cloud community.
May I ask Jaron Baton to come on stage and to talk a little bit about a specific project
which might be of interest to us?
Hi.
I only have five minutes, normally I do whole conferences, but longer talks.
My name is Jaron Baton.
I have been in the office for 20 years.
I have written more than 10 books about the office.
That is my credentials.
Yesterday, I published Golden Gid-Up.
There is a result of four months of work of configuring popular open source applications
for Single Sign-On.
Clearly, one of those is NextClowed, because why not?
Let's see if I can make that move it a little bit.
No.
Okay.
Anyway.
Four months of work, those are simple, straight, answerable playbooks.
Who does not know what answerable is?
Okay.
Who doesn't know what answerable is and doesn't work in marketing?
Okay.
So, answerable is a syntax, it's a file, it's sort of a recipe to configure computers.
So you say, I want, by the way, I want users, and this is the list of user accounts.
I want, and I want this package and this package installed, and I want the application
HelloWield installed.
So, that's a sort of a recipe, and you send it to a bunch of servers, if you like, all
one.
And so, people who know Ansible, simple playbook, based on key cloak as the central authentication
mechanism, what you do, so the playbook is installed next cloud, single-signal.yaml,
you fire it, it will install standard, next cloud, not the snap, just in some directory,
I don't know.
And then configure single-signal by creating with a rest call to key cloak, creating
a client there, getting a secret key if you're using Open ID Connect, put it in your configuration
and you're good to go.
So don't try this at home, read the playbook and adjust it to your own network, okay?
But you don't have a bunch of roles that you all have to go to with this, one simple
straight file.
And I've done this for the last four months for, let's see, X-Weeky, Odo, next cloud key
cloak, of course not, GitLab and Jenkins.
And today I found out that I also have to do the same work for Open Project, clearly.
Yay.
It's, well, I think that's about all the time I can use.
Yeah, roughly, okay.
Any questions?
Well, that's it.
Thank you very much.
You won't thank you so much for doing this.
Next time, please do submit a talk.
I think it deserves more time than you had right now.
You have been listening to Hacker Public Radio at HackerPublicRadio.org.
Today's show was contributed by a HBR listener like yourself.
If you ever thought of recording a podcast, then click on our contribute link to find out
how easy it really is.
Hosting for HBR has been kindly provided by an onstoast.com, the internet archive and
our syncs.net.
On this otherwise status, today's show is released on our Creative Commons, Attribution
4.0 International License.
Initial commit: HPR Knowledge Base MCP Server - MCP server with stdio transport for local use - Search episodes, transcripts, hosts, and series - 4,511 episodes with metadata and transcripts - Data loader with in-memory JSON storage 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> 2025-10-26 10:54:13 +00:00			`Episode: 3718`
			`Title: HPR3718: Making Ansible playbooks to configure Single Sign On for popular open source applications`
			`Source: https://hub.hackerpublicradio.org/ccdn.php?filename=/eps/hpr3718/hpr3718.mp3`
			`Transcribed: 2025-10-25 04:37:05`

			`---`

			`This is Hacker Public Radio Episode 3,718 for Wednesday, 2 November 2022.`
			`Today's show is entitled, Making Ansible Playbooks to Configure Single Sign-On for Popular`
			`Open Source Applications.`
			`It is part of the series Networking.`
			`It is hosted by Jaron Baton.`
			`It carries a clean flag.`
			`The summary is a small introduction into my latest project when I spoke at the recent`
			`NextClow 2022 conference.`
			`Hey, we are arriving at the end of the lighting talks.`
			`However, we got one request for doing a plug, which might be of interest of us as the`
			`next cloud community.`
			`May I ask Jaron Baton to come on stage and to talk a little bit about a specific project`
			`which might be of interest to us?`
			`Hi.`
			`I only have five minutes, normally I do whole conferences, but longer talks.`
			`My name is Jaron Baton.`
			`I have been in the office for 20 years.`
			`I have written more than 10 books about the office.`
			`That is my credentials.`
			`Yesterday, I published Golden Gid-Up.`
			`There is a result of four months of work of configuring popular open source applications`
			`for Single Sign-On.`
			`Clearly, one of those is NextClowed, because why not?`
			`Let's see if I can make that move it a little bit.`
			`No.`
			`Okay.`
			`Anyway.`
			`Four months of work, those are simple, straight, answerable playbooks.`
			`Who does not know what answerable is?`
			`Okay.`
			`Who doesn't know what answerable is and doesn't work in marketing?`
			`Okay.`
			`So, answerable is a syntax, it's a file, it's sort of a recipe to configure computers.`
			`So you say, I want, by the way, I want users, and this is the list of user accounts.`
			`I want, and I want this package and this package installed, and I want the application`
			`HelloWield installed.`
			`So, that's a sort of a recipe, and you send it to a bunch of servers, if you like, all`
			`one.`
			`And so, people who know Ansible, simple playbook, based on key cloak as the central authentication`
			`mechanism, what you do, so the playbook is installed next cloud, single-signal.yaml,`
			`you fire it, it will install standard, next cloud, not the snap, just in some directory,`
			`I don't know.`
			`And then configure single-signal by creating with a rest call to key cloak, creating`
			`a client there, getting a secret key if you're using Open ID Connect, put it in your configuration`
			`and you're good to go.`
			`So don't try this at home, read the playbook and adjust it to your own network, okay?`
			`But you don't have a bunch of roles that you all have to go to with this, one simple`
			`straight file.`
			`And I've done this for the last four months for, let's see, X-Weeky, Odo, next cloud key`
			`cloak, of course not, GitLab and Jenkins.`
			`And today I found out that I also have to do the same work for Open Project, clearly.`
			`Yay.`
			`It's, well, I think that's about all the time I can use.`
			`Yeah, roughly, okay.`
			`Any questions?`
			`Well, that's it.`
			`Thank you very much.`
			`You won't thank you so much for doing this.`
			`Next time, please do submit a talk.`
			`I think it deserves more time than you had right now.`
			`You have been listening to Hacker Public Radio at HackerPublicRadio.org.`
			`Today's show was contributed by a HBR listener like yourself.`
			`If you ever thought of recording a podcast, then click on our contribute link to find out`
			`how easy it really is.`
			`Hosting for HBR has been kindly provided by an onstoast.com, the internet archive and`
			`our syncs.net.`
			`On this otherwise status, today's show is released on our Creative Commons, Attribution`
			`4.0 International License.`