MIR/nextcloud
0
0
Fork 0
forked from coop-cloud/nextcloud
Code Pull Requests Activity

authentik autoconfiguration

Browse Source
This commit is contained in:
Moritz 2023-03-15 15:23:15 +01:00
parent 7b0a0741b6
commit 212559c8fc
3 changed files with 57 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
.env.sample
View File

@ -51,3 +51,9 @@ DEFAULT_QUOTA="10 GB"
# OCC_CMDS="app:disable dashboard" # OCC_CMDS="app:disable dashboard"
# OCC_CMDS="$OCC_CMDS|config:app:set sociallogin auto_create_groups --value 1" # OCC_CMDS="$OCC_CMDS|config:app:set sociallogin auto_create_groups --value 1"
# OCC_CMDS="$OCC_CMDS|config:app:set sociallogin hide_default_login --value 1" # OCC_CMDS="$OCC_CMDS|config:app:set sociallogin hide_default_login --value 1"
# COMPOSE_FILE="$COMPOSE_FILE:compose.authentik.yml"
# AUTHENTIK_USER_PREFIX=authentik
# AUTHENTIK_DOMAIN=authentik.example.com
# AUTHENTIK_SECRET_NAME=authentik_example_com_nextcloud_secret_v1 # the same as in authentik
# AUTHENTIK_ID_NAME=authentik_example_com_nextcloud_id_v1 # the same as in authentik

38
abra.sh
View File

@ -32,7 +32,7 @@ set_app_config(){
APP=$1 APP=$1
KEY=$2 KEY=$2
VALUE=$3 VALUE=$3
run_occ "config:app:set $APP $KEY --value $VALUE" run_occ "config:app:set $APP $KEY --value '$VALUE'"
} }
install_bbb(){ install_bbb(){
@ -52,3 +52,39 @@ install_onlyoffice(){
set_default_quota(){ set_default_quota(){
set_app_config files default_quota '"$DEFAULT_QUOTA"' set_app_config files default_quota '"$DEFAULT_QUOTA"'
} }
set_authentik(){
install_apps sociallogin
AUTHENTIK_SECRET=$(cat /run/secrets/authentik_secret)
AUTHENTIK_ID=$(cat /run/secrets/authentik_id)
set_app_config sociallogin custom_providers "
{
\"custom_oidc\":[
{
\"name\":\"$AUTHENTIK_USER_PREFIX\",
\"title\":\"authentik\",
\"authorizeUrl\": \"https://$AUTHENTIK_DOMAIN/application/o/authorize/\",
\"tokenUrl\": \"https://$AUTHENTIK_DOMAIN/application/o/token/\",
\"displayNameClaim\":\"preferred_username\",
\"userInfoUrl\": \"https://$AUTHENTIK_DOMAIN/application/o/userinfo/\",
\"logoutUrl\": \"https://$AUTHENTIK_DOMAIN/if/session-end/nextcloud/\",
\"clientId\":\"$AUTHENTIK_ID\",
\"clientSecret\":\"$AUTHENTIK_SECRET\",
\"scope\":\"openid profile email nextcloud\",
\"groupsClaim\":\"nextcloud_groups\",
\"style\":\"openid\",
\"defaultGroup\":\"\",
\"groupMapping\": {
\"admin\": \"admin\"
}
}
]
}"
set_app_config sociallogin update_profile_on_login 1
set_app_config sociallogin auto_create_groups 1
set_app_config sociallogin hide_default_login 1
run_occ 'config:system:set social_login_auto_redirect --value true'
run_occ 'config:system:set allow_user_to_change_display_name --value=false'
run_occ 'config:system:set lost_password_link --value=disabled'
}

14
compose.authentik.yml Normal file
View File

@ -0,0 +1,14 @@
version: "3.8"
services:
app:
secrets:
- authentik_secret
- authentik_id
secrets:
authentik_secret:
external: true
name: ${AUTHENTIK_SECRET_NAME}
authentik_id:
external: true
name: ${AUTHENTIK_ID_NAME}