add gitea to authelia
This commit is contained in:
@@ -48,8 +48,8 @@
|
|||||||
url = "ldaps://ldap.cloonar.com";
|
url = "ldaps://ldap.cloonar.com";
|
||||||
base_dn = "DC=cloonar,DC=com";
|
base_dn = "DC=cloonar,DC=com";
|
||||||
additional_users_dn = "OU=users";
|
additional_users_dn = "OU=users";
|
||||||
users_filter = "(&({mail}={input})(objectClass=person))";
|
users_filter = "(&({username_attribute}={input})(objectClass=person))";
|
||||||
username_attribute = "uid";
|
username_attribute = "mail";
|
||||||
mail_attribute = "mail";
|
mail_attribute = "mail";
|
||||||
display_name_attribute = "displayName";
|
display_name_attribute = "displayName";
|
||||||
additional_groups_dn = "OU=groups";
|
additional_groups_dn = "OU=groups";
|
||||||
@@ -109,6 +109,43 @@
|
|||||||
filename = "/var/lib/authelia-main/notification.txt";
|
filename = "/var/lib/authelia-main/notification.txt";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
identity_providers = {
|
||||||
|
oidc = {
|
||||||
|
## The other portions of the mandatory OpenID Connect 1.0 configuration go here.
|
||||||
|
## See: https://www.authelia.com/c/oidc
|
||||||
|
clients = [
|
||||||
|
{
|
||||||
|
id = "nextcloud";
|
||||||
|
description = "NextCloud";
|
||||||
|
secret = "$pbkdf2-sha512$310000$c8p78n7pUMln0jzvd4aK4Q$JNRBzwAo0ek5qKn50cFzzvE9RXV88h1wJn5KGiHrD0YKtZaR/nCb2CJPOsKaPK0hjf.9yHxzQGZziziccp6Yng";
|
||||||
|
public = false;
|
||||||
|
authorization_policy = "one_factor";
|
||||||
|
redirect_uris = [ "https://nextcloud.example.com/apps/oidc_login/oidc" ];
|
||||||
|
scopes = [
|
||||||
|
"openid"
|
||||||
|
"profile"
|
||||||
|
"email"
|
||||||
|
"groups"
|
||||||
|
];
|
||||||
|
userinfo_signing_algorithm = "none";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
id = "gitea";
|
||||||
|
description = "Gitea";
|
||||||
|
secret = "$6$8CO08RKzsB2e47SY$oZCadmL5nz8HDaZ6miPKmcGNIefUW8qCjHxkn52G1kyKSzZBkKHkCzvlyOU3TXWBY/OpWlqWAHJ4ORtpOkocz/";
|
||||||
|
public = false;
|
||||||
|
authorization_policy = "one_factor";
|
||||||
|
redirect_uris = [ "https://git.cloonar.com/user/oauth2/authelia/callback" ];
|
||||||
|
scopes = [
|
||||||
|
"openid"
|
||||||
|
"profile"
|
||||||
|
"email"
|
||||||
|
];
|
||||||
|
userinfo_signing_algorithm = "none";
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
services.nginx.virtualHosts."auth.cloonar.com" = {
|
services.nginx.virtualHosts."auth.cloonar.com" = {
|
||||||
|
|||||||
@@ -20,7 +20,16 @@ in
|
|||||||
HTTP_PORT = 3001;
|
HTTP_PORT = 3001;
|
||||||
DOMAIN = domain;
|
DOMAIN = domain;
|
||||||
};
|
};
|
||||||
service.DISABLE_REGISTRATION = true;
|
openid = {
|
||||||
|
ENABLE_OPENID_SIGNIN = false;
|
||||||
|
ENABLE_OPENID_SIGNUP = true;
|
||||||
|
WHITELISTED_URIS = "auth.example.com";
|
||||||
|
};
|
||||||
|
service = {
|
||||||
|
DISABLE_REGISTRATION = false;
|
||||||
|
ALLOW_ONLY_EXTERNAL_REGISTRATION = true;
|
||||||
|
SHOW_REGISTRATION_BUTTON = false;
|
||||||
|
};
|
||||||
webhook.ALLOWED_HOST_LIST = "drone.cloonar.com";
|
webhook.ALLOWED_HOST_LIST = "drone.cloonar.com";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|||||||
Reference in New Issue
Block a user