This commit is contained in:
notplants
21
README.md
21
README.md
@ -11,7 +11,7 @@
|
||||
* **Backups**: Yes
|
||||
* **Email**: No
|
||||
* **Tests**: No
|
||||
* **SSO**: No
|
||||
* **SSO**: Yes
|
||||
|
||||
<!-- endmetadata -->
|
||||
|
||||
@ -40,5 +40,24 @@ Then redeploy with `abra app deploy YOURAPPDOMAIN --force`.
|
||||
Now when you login as your user, and visit https://cryptpad.cctest.autonomic.zone/admin/,
|
||||
you should be able to access the admin interface for this cryptpad instance.
|
||||
|
||||
## SSO
|
||||
|
||||
To enable SSO, run `abra app config YOURAPPDOMAIN` and set `SSO_ENABLED=true`. On the next deploy, the [CryptPad SSO plugin](https://github.com/cryptpad/sso) will be installed automatically.
|
||||
|
||||
You also need to configure the remaining SSO environment variables for your OIDC provider:
|
||||
|
||||
- `SSO_PROVIDER_NAME` — display name shown on the login button (e.g. `Keycloak`, `Authentik`)
|
||||
- `SSO_OIDC_URL` — OIDC discovery URL for your provider
|
||||
- `SSO_CLIENT_ID` — OAuth2 client ID
|
||||
- `SSO_JWT_ALG` — JWT signing algorithm (e.g. `RS256`)
|
||||
|
||||
The client secret is stored as a Docker secret. Insert it with:
|
||||
|
||||
```
|
||||
abra app secret insert YOURAPPDOMAIN sso_client_s v1 YOUR_CLIENT_SECRET
|
||||
```
|
||||
|
||||
Then deploy (or redeploy) to apply: `abra app deploy YOURAPPDOMAIN --force`.
|
||||
|
||||
[`abra`]: https://git.coopcloud.tech/coop-cloud/abra
|
||||
[`coop-cloud/traefik`]: https://git.coopcloud.tech/coop-cloud/traefik
|
||||
Reference in New Issue
Block a user