home/kubernetes-deployments
2
0
Fork 0
Code Issues 3 Pull requests Projects Releases Packages Wiki Activity Actions

Replace Authelia with Authentik

Browse source
This commit is contained in:
Pim Kunis 2025-02-10 22:51:18 +01:00
parent b09ce94621
commit 81b553c8b0
13 changed files with 117 additions and 313 deletions
Download patch file Download diff file Expand all files Collapse all files

16
modules/hedgedoc.nix
View file

@ -54,18 +54,16 @@
CMD_PROTOCOL_USESSL.value = "true";
CMD_CSP_ENABLE.value = "false";
CMD_OAUTH2_PROVIDERNAME.value = "Authelia";
CMD_OAUTH2_AUTHORIZATION_URL.value = "https://auth.kun.is/api/oidc/authorization";
CMD_OAUTH2_TOKEN_URL.value = "https://auth.kun.is/api/oidc/token";
CMD_OAUTH2_USER_PROFILE_URL.value = "https://auth.kun.is/api/oidc/userinfo";
CMD_OAUTH2_CLIENT_ID.value = "ZZI33JnLIuGk58HPkN_YEfETxNTz-1Mq--YPu9Sa6Y39BwykY0GDmxBVn1w9X70fIHT09xHq";
CMD_OAUTH2_CLIENT_SECRET.value = "ref+sops://secrets.yml#/hedgedoc/oidc/client_secret/password";
CMD_OAUTH2_SCOPE.value = "openid email profile groups";
CMD_OAUTH2_PROVIDERNAME.value = "Authentik";
CMD_OAUTH2_CLIENT_ID.value = "ZF56062l4BPnq2INv2zaO9cEiE6sAj7CrxbWhExj";
CMD_OAUTH2_CLIENT_SECRET.value = "ref+sops://secrets.yml#/authentik/oauth2/hedgedoc/client_secret";
CMD_OAUTH2_SCOPE.value = "openid email profile";
CMD_OAUTH2_USER_PROFILE_URL.value = "https://authentik.kun.is/application/o/userinfo/";
CMD_OAUTH2_TOKEN_URL.value = "https://authentik.kun.is/application/o/token/";
CMD_OAUTH2_AUTHORIZATION_URL.value = "https://authentik.kun.is/application/o/authorize/";
CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR.value = "preferred_username";
CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR.value = "name";
CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR.value = "email";
CMD_OAUTH2_ROLES_CLAIM.value = "groups";
CMD_OAUTH2_ACCESS_ROLE.value = "hedgedoc";
CMD_DB_URL.valueFrom.secretKeyRef = {
name = "hedgedoc";