From b09ce94621e9d3baf32a88c35117a78d3551325a Mon Sep 17 00:00:00 2001 From: Pim Kunis Date: Sun, 9 Feb 2025 15:35:51 +0100 Subject: [PATCH] Set Authelia consent mode for Hedgedoc to implicit Add niels to hedgedoc group in Authelia --- modules/authelia.nix | 1 + secrets.yml | 6 +++--- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/modules/authelia.nix b/modules/authelia.nix index f092bf8..517c4a7 100644 --- a/modules/authelia.nix +++ b/modules/authelia.nix @@ -108,6 +108,7 @@ scopes = ["openid" "profile" "email" "groups"]; userinfo_signed_response_alg = "none"; token_endpoint_auth_method = "client_secret_post"; + consent_mode = "implicit"; } ]; }; diff --git a/secrets.yml b/secrets.yml index 02f9c79..4208f96 100644 --- a/secrets.yml +++ b/secrets.yml @@ -48,7 +48,7 @@ authelia: jwk_rs256: private: ENC[AES256_GCM,data:WaTdMntWZF40pBOsHpKlQAcsVoceQDKkPlNbkwlPjY231cZSgHYw2u3V89BHx1p3LT4OUAEQvBcQ3c8sJbRYHTo7wXVYTwMrWL+KIu5AOp1pqHWESJrxO/12tgITcM5xJx+zwAoc/85l0LK3EIXYayEYe6ISNjx13K3YaSuD74iEXrNtWuvqwvbT9zNtYg8gb+l1FEW+TwS6wdzWyglfZl4erOQXb1a373qRdTz5m71MEPY8nJPS948nxO5M1DgJ8eqyztVdHY+z3X40vsDv3anSApeBNe/jexUVGBmuRtOhoAbirbNo7F8tjbI1qVy1lw0YNiaXAyH/BY2EtcSb9bU/VqCRdLteZnSed4LFrCIFt9mYoAWPX4GjXanfshNUaqM0IEFVjH7cXzf4rKql9VnxvCufupIGKhcOkAuxFtuOPL9q3RVT4CkarhmgDpKKjUlyAHRAvLH2F2l+K6zwEengiYDXkyBzd393Gsee6ML30X/MRSwd1TBqKZ1VInpk3bn/GwVMipywiYsviLE6JW+IcRJiHCI3bbch2aRsq9MP8AE9qornqC9nt6DQKnOr2HvEAjTHGvmiJN2nKaRU/B6T5xmH9nsdZ3CTsmTIkWBi/Fa8th9DvT8UrQe4LiQ8t6/6TrhgZ+QCjgwp59B2dwrPnT7oY8B0o5O0k/06HnsaG0YxyEM2JgVBer0K4BzUAoap4S8YGj88oPVlSHV3ks7qjx8J+pytNmyND3O1CzKUuluTjCLoowyDx9OA8AcfxVCva6BI6EqJEVU0eqlo146kdgERPR4U6TgCAU6uk4rb+SQgwN6brd15AezRKUW9iDbr4hoxCA0XNTzcDLJKKFFU2ZlHdvs9WTif7gmVwAsogy31xWyKdTdSCoUME4mAKeHM2o763UICjL4HO6drMn16G5yA0anxkctVJqWKcpLrD9rVCC30bbFy8u3H1Icfzf2dZxbTLCbJVn5i39I9AqehIOapD7SwN3pyXwicfnr6h1prGKdHQ0cXjlwCiiP7lSBLP+Q4DwjoSVF/Iei4DcFQoHqSpGreGeP5yRNiRe8HEp63yQXFM/l6PMIVZw+0q/VDb5sEUZ6XItAi/UL3CqY1WI5SVvbeuxbKivuxRcspiFRHB9aXS2eG8hx/Oq9OFvPq3eAQ7xtZLw5oMAFgED4epZl3mAaYz8n5m2i2J8QujxP1POqotkeA1uQFelQL1xMUdpIg41mRNch0M3H50fcgR5dJ3k41NAJTCi5B+X9lFVoo/ByLvX4hkmx4YeZ5VPW6hVLiZMcdA+RluBWVAShYXBBg5rV3ak/G8Lj9P/cc1Tg32Qr1m9h3Tl4Q8AEmWBABRXYcZ526fMFdTQa0SkdvO3jp6Zt/6TObygSyOrOjBIgXye4BAT3zuyNK07Z1gOP1X0rE23T50S5A4KCI59QCs+szugk9umUbqeZF3DKj1oiVq1f5I1m2zbBuWq6vi6kH7eD7eSnTqpIuYeOsuWlREvsNHfXOA7lrURy+yLheKYuIRqx+5TKJaapgMkagw5nQ74RAvEJgAPHJaKYt5YJklMSxTkUR6FlvZNq2salMpM+mGrtH9l1tEVUbKh6QAyG4EkUbnFmT3orCgBJJFh+HXMpb6pwVL06+/0sSvgBI1ZBfbGYWk//RKSHbVzOi1UXyW1izeLgSwKNc/ZUCDnZ0hrBafQn3S8Ap+5j9h++fdH9NwfQyGV7GuTMYBkCtG3+l9+iitFWPUnZ2PvNypi4kJX31XlSyR/JoQfvFNm3nWw1pdLJRF7shqYxbSuGx/Fz02zocEvNNu5NBp5+0nPXIWp5PoRHqWHXI6TvNduji0/ycKjLhtpnFV3NhhWq0no5fKo+t4seoQ88oFzbH0wVXnLRALPq6yZ1kzbWhGp5RLmtixEMXcAwuw2Ewol2BhIf2+5o7d7ndgmZ6lOM4LzApumzS0m3z91XQ1keqHZUWA0XdCekIucNrhw4uVIWg228G5IWjI1QuL6c9zeIHl8NvSCzC7lJLXR6NiCzFvVH92krQ91yiEsSvg3+8MkU+6mlLiCvbl98WVMcQ6Ig9Hh+p1ALSuUDDqOK8k4ja3sblwjDE1vQhacm9gaCjYfID+UFpbJ1FLwdOiBrcUu3jSnN2zBViWjH48xnM7kvxliDRbAElyMPylD2wE6Gce/nyueSAktsfPzt3GnHzspfuoDokJ2pss+8u/x/5whe+xkMMEhExWJWTe4WiwYxyM7dIX8JLJBqQ+T3pUQLMYwECHvPstLiQjpWy,iv:cZQEw3E1Kq+Qg1ZB0gwMW87NG1z/tGDnQOpRiCsdpUs=,tag:N/JqLdXIwCerHynMhmvhug==,type:str] public: ENC[AES256_GCM,data:TivRCWgU3skYJbDopZAdSAZBi7OhgzLjOLi0f8bUN3hEfDS9Bqbo3ZirepWkxDZcEBJH9ut/rAwumWGedU6C71eFtOpC/++c/++VILmWGM2BDUvlUaksaWZE0sNQRZxXmHFd5Fnxq13vVhs0i5Grdu6WG6wdq9dD9iFooLqee5KT6z33lD9THitecYiGf4hccVfJXKriNmNfmFkyv2KMaDNBwgSHtAsXSbYoHOpIz68SzS3KrngSIAvavfSSsW1RXDXvf/3aB94lPtizCZVtKZ+JcHYg3xPesXdwwA6h7A5W7rfJoAQdiDGQJMb4hFhtjhaBGmiUAv5JwRvvEAhQIrVtPmkO9ibir3yDDrcwNXuJDgHrcd0rpSjYWyAM1pgzXiWAiLzhh/AcL+l2xV286XRDwm1xxoPNdGdmOYkiN2AZre8CoR1aFkIP+T479rkOylJq14RzSQAbJ8AaZ6dK2mFxKYFyVpW0aMjEoo9Yqd4IFZpMWIlVALeh3+bpqgtCCkBYq3MX3J0FJ6vL4LUV5855GUrP4CJhSSCAnKaiXKnps2TrHN8Kp1dqtnv1ihq8fwVoSgqiISN4xY8VXsW/IjJYcQ==,iv:o8F7qgHLWhWXEOOSzum+Qore2tGSraqmC1VMWtpaj0I=,tag:Kn5myis0OwoCMa+8yhssPg==,type:str] - users: ENC[AES256_GCM,data:XPnB3wFj8rDPaq8bfgsnDiNmaA+GE6tguPqtnPxfHhM2gVUatnyP5RLIrBxQTUja8w70NBHPQMPEFh3TydBDlWI8tvV8mid1iu7/pRgb6u+LtVSPtrqkSkQBponsxTsila1uvyYLITaB6pI2w0ijcWx3enu1W/a5ssgBQUNVqKfftAF9tB/W0Jhn6m4U9KfB1NbR708eO1LcGHVlqgCs4u9FwR9FEWHDDGgwDjeDQ5w+w9NMAbg7YfwmPgMv3VwRqpie0AE5jj+qtpnAZCpKJK/AzWN7T++TXg6IywPSk/4thFDtLsgke0gtNOMS2DlCRZ7LqdyzwuhQMVX5YbmmQdk5+z4fYKYgWGT8L9ABA6fl/LeMygJVM9cNOl1VGT7SsTBj5WdrU3gR6n0UCybLIyOIA7q+0mT1RR7sKJ1OFKz6bappzIn2Y1UREGTvz63Quw1Kgbciq5WRag4WFVRuq89JKYD8Y9bkWfHgF5L1kCzep79CvB9uxnO+wXwbtxsSEyxllQIDuVMejdVV/l9FPjhgWPe3ho1Eh78nTibNo0cEijvf5ub6MKPelpMvEhEU4J2OH5AJjixqM3RyxO6IKAKx4gg6bm0nUgKPa+7jZ+mZ4xj7AyDh3v8t8C0GOJZSbdtD54YzBjkWLu9I+OhErQQUfgKB5DTDUF+RogkH9LAWn9C2,iv:3lY+ghmpQrKME8xa264RqFR4BzhY4MvcbTwwXmsaf0k=,tag:EmrYcmWBH1zrLDBFgTp25g==,type:str] + users: ENC[AES256_GCM,data:9V0vcpT//ZzFLhlO2gZnns/5T7XEk92iDqTzHFujWC177QUi3LSYY6jcGQ0/3VlDXjsA0PsOV1UzIKc1LJXj9QuedABu48c+4OVN3cinKFs6Tqur/0yQ/T74U8lyap35qwK24lpRE02DZxKd1Tin57AfyfRqG5V6L4MVWzbApDn1cGtIWC3+TuWmO2PeSvNx5KQp/nk36rmTHcNAMZ5srsxMTtzCSTc6SUuCQvdkTbL6UpxQ34WUMkPJM0UfB06eJ19dxXJ6NnG7QlRgf21szuI11I+g6al2XYmCvvcbu2tK6IXVmIbWvdlrZmsaZ6RfN+ZcKqgwZobDTBPVou/Zuaa1SbtBaK45NDVi5I8AlcnKqhejiCdEKMhDavQ5yQrT52GmhbMTCyD3DZTn9fBZDwmpGDJ82Ty7iOtsSuwjKoblOEkEJPn+dJWMJqRcaXw6kguRSjaq7LmS43IWtiGbVhSaZDmKGsnFHHjun6mhvK2irpSw79XXsKxZC5BZhaU3S6aKB8pplak4MqId6hW1Rx7AvBtUJL8A+HIZKcmJzXckM0dvQKrKGQ3JbvmC6QNTtq5YLDLV4wiC4Za8xOxYL+f8ry2+hsFQmXIe5pElmam08nncNo9ZIRSQXYhk/5aeqqDMIjXocIXi9YwN0k2biZLfP5muWq44uIyLciWfSQxhYbTR2xibb4kpoA2eNyptYXul4AR8,iv:qbp7+yepBIPsmpuEGTeHLPENrvfEGoL9u+smf7jqHzo=,tag:u3bkLxICTMm/EEjGjt5ENA==,type:str] sops: kms: [] gcp_kms: [] @@ -73,8 +73,8 @@ sops: azR0UkJyL0RwUVk4ZzdkSWptcDlWVjAK5FU9B5TBSnV3azO4eCv13T6i3dGGuI68 UgBrVEb1/Fv+4XTjeSEhpiOaH8sNWYoNa3Aa7uTZYlHDRWga2GC7zw== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-02-08T22:34:17Z" - mac: ENC[AES256_GCM,data:i9suj/TCZdqZW3KxU8Ye3qZnGwIlHFJ4FvsuEhNlq5llC7H/eRnYW8bkZkg2848CRasaco+0eimMcJc2vD7YFO8AuVxIEFr2U2MXP+9tRKPrWd5bae7X2wJo+C1AYCpjpllFlS/T50wSKM7y4ugJtKIibJs/Q3YB3D8D6hfB884=,iv:wdqVREuVVEUBwEKNQBAl0kHUhF+KNDzOPVbo9xfDHDU=,tag:++8BJRRk0xCGezS+RTPc3g==,type:str] + lastmodified: "2025-02-09T12:24:21Z" + mac: ENC[AES256_GCM,data:oXJ06eJS12T0T2i0XxQ2wsyLAojIa7X2lJgb4JWY11If7BOtl8wK/FFKh6ukRdM/pM5nARS2ZUgYPmIQxRX+0dfo85AcqAuFzIb8VMhLdLCIuOVciQMMWyrNmyuMzNgYq2lmk8xQarVk2A1DNBfxCiKVc07J/Uz3tVhnXOXkmGA=,iv:4MObZijkp5TDacLRLYVctEhsvDtkY/soYZ3a4WpC/+I=,tag:KUvalf5sLEouIxMDcA4acw==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.9.2