add sso to readme

bump to 0.5.1+v2026.2.0
Merge pull request 'Add SSO Plugin' (#5 ) from sso into main
2026-02-28 22:05:44 -05:00 · 2026-02-28 22:05:44 -05:00 · 2026-03-01 03:02:35 +00:00 · 2026-03-01 02:54:27 +00:00
4 changed files with 25 additions and 6 deletions
--- a/README.md
+++ b/README.md
@ -11,7 +11,7 @@
 * **Backups**: Yes
 * **Email**: No
 * **Tests**: No
-* **SSO**: No
+* **SSO**: Yes

 <!-- endmetadata -->

@ -40,5 +40,24 @@ Then redeploy with `abra app deploy YOURAPPDOMAIN --force`.
 Now when you login as your user, and visit https://cryptpad.cctest.autonomic.zone/admin/,
 you should be able to access the admin interface for this cryptpad instance. 

+## SSO
+
+To enable SSO, run `abra app config YOURAPPDOMAIN` and set `SSO_ENABLED=true`. On the next deploy, the [CryptPad SSO plugin](https://github.com/cryptpad/sso) will be installed automatically.
+
+You also need to configure the remaining SSO environment variables for your OIDC provider:
+
+- `SSO_PROVIDER_NAME` — display name shown on the login button (e.g. `Keycloak`, `Authentik`)
+- `SSO_OIDC_URL` — OIDC discovery URL for your provider
+- `SSO_CLIENT_ID` — OAuth2 client ID
+- `SSO_JWT_ALG` — JWT signing algorithm (e.g. `RS256`)
+
+The client secret is stored as a Docker secret. Insert it with:
+
+```
+abra app secret insert YOURAPPDOMAIN sso_client_s v1 YOUR_CLIENT_SECRET
+```
+
+Then deploy (or redeploy) to apply: `abra app deploy YOURAPPDOMAIN --force`.
+
 [`abra`]: https://git.coopcloud.tech/coop-cloud/abra
 [`coop-cloud/traefik`]: https://git.coopcloud.tech/coop-cloud/traefik
--- a/abra.sh
+++ b/abra.sh
@ -1,5 +1,5 @@
 export CONFIG_VERSION=v2
 export CONFIG_JS_VERSION=v2
 export NGINX_CONF_VERSION=v1
-export SSO_ENTRYPOINT_VERSION=v5
+export SSO_ENTRYPOINT_VERSION=v6
 export SSO_JS_VERSION=v3
--- a/compose.yml
+++ b/compose.yml
@ -42,7 +42,7 @@ services:
        target: /sso-entrypoint.sh
        mode: 0755
      - source: sso_js
-        target: /sso.js.tmpl
+        target: /sso.js

    deploy:
      restart_policy:
@ -50,7 +50,7 @@ services:
      labels:
        - "traefik.enable=false"
        - "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120}"
-        - "coop-cloud.${STACK_NAME}.version=0.5.0+v2026.2.0"
+        - "coop-cloud.${STACK_NAME}.version=0.5.1+v2026.2.0"
        - "backupbot.backup=true"
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:3000"]
--- a/sso-entrypoint.sh
+++ b/sso-entrypoint.sh
@ -16,8 +16,8 @@ VERSION_FILE="${PLUGIN_DIR}/.version"
 SSO_PLUGIN_VERSION="${SSO_PLUGIN_VERSION:-0.4.0}"

 # Copy SSO config template into place (mounted as Docker config)
-if [ -f /sso.js.tmpl ]; then
-  cp /sso.js.tmpl /cryptpad/config/sso.js
+if [ -f /sso.js ]; then
+  cp /sso.js /cryptpad/config/sso.js
  echo "[sso-entrypoint] Copied sso.js config into /cryptpad/config/sso.js"
 fi
Author	SHA1	Message	Date
notplants	800e8426ce	add sso to readme Some checks failed continuous-integration/drone/push Build is failing Details	2026-02-28 22:05:44 -05:00
notplants	97209123e0	bump to 0.5.1+v2026.2.0	2026-02-28 22:05:44 -05:00
notplants	899f9d9da0	Merge pull request 'Add SSO Plugin' (#5 ) from sso into main Some checks failed continuous-integration/drone/push Build is failing Details Reviewed-on: #5	2026-03-01 03:02:35 +00:00
notplants	f31c12299d	bump to 0.5.1+v2026.2.0	2026-03-01 02:54:27 +00:00