add google auth

.env.sample

@@ -69,6 +69,7 @@ ALLOWED_DOMAINS=
 #SMTP_SECURE=true
 
 #OIDC_ENABLED=1
+#COMPOSE_YML="compose.yml:compose.oidc.yml"
 #OIDC_CLIENT_ID=
 #OIDC_AUTH_URI=
 #OIDC_TOKEN_URI=
@@ -77,3 +78,8 @@ ALLOWED_DOMAINS=
 #OIDC_DISPLAY_NAME="My Cool OpenId Connect Provider"
 #OIDC_SCOPES="openid profile email"
 #SECRET_OIDC_CLIENT_SECRET_VERSION=v1
+
+#GOOGLE_ENABLED=1
+#COMPOSE_YML="compose.yml:compose.google.yml"
+#GOOGLE_CLIENT_ID=
+#SECRET_GOOGLE_CLIENT_SECRET_VERSION=v1

abra.sh

@@ -1,4 +1,4 @@
-export APP_ENTRYPOINT_VERSION=v3
+export APP_ENTRYPOINT_VERSION=v4
 
 delete_user() {
 	if [ -z "$1" ] || [ -z "$2" ]; then

compose.google.yml

@@ -0,0 +1,16 @@
+---
+version: "3.8"
+
+services:
+  app:
+    secrets:
+      - google_client_secret
+    environment:
+      - GOOGLE_CLIENT_ID
+      - GOOGLE_CLIENT_SECRET_FILE=/run/secrets/oidc_client_secret
+      - GOOGLE_ENABLED
+
+secrets:
+  google_client_secret:
+    name: ${STACK_NAME}_google_client_secret_${SECRET_GOOGLE_CLIENT_SECRET_VERSION}
+    external: true

entrypoint.sh.tmpl

@@ -1,10 +1,15 @@
 #!/bin/sh
 
 export AWS_SECRET_ACCESS_KEY=$(cat /run/secrets/aws_secret_key)
+
 {{ if eq (env "OIDC_ENABLED") "1" }}
 export OIDC_CLIENT_SECRET=$(cat /run/secrets/oidc_client_secret)
 {{ end }}
 
+{{ if eq (env "GOOGLE_ENABLED") "1" }}
+export GOOGLE_CLIENT_SECRET=$(cat /run/secrets/google_client_secret)
+{{ end }}
+
 export UTILS_SECRET=$(cat /run/secrets/utils_secret)
 export SECRET_KEY=$(cat /run/secrets/secret_key)
 export DATABASE_PASSWORD=$(cat /run/secrets/db_password)