chore: publish 0.5.0+11.15.1 release

chore: publish 0.4.1+11 release
chore: publish 0.4.0+11 release
2026-02-11 18:38:44 +01:00 · 2026-01-08 19:07:17 +01:00 · 2026-01-08 16:34:23 +01:00 · 2026-01-08 15:32:40 +00:00
8 changed files with 71 additions and 15 deletions
--- a/.env.sample
+++ b/.env.sample
@ -45,6 +45,7 @@ ADMIN_EMAIL=mail@example.com
 #AUTH_SSO_DEFAULT_ROLE_ID="<UUID-of-a-user-role>"
 #AUTH_SSO_SYNC_USER_INFO="true"
 #AUTH_SSO_SCOPE="openid profile email"
+#AUTH_SSO_ROLE_MAPPING='json:{"sso_role1": "directus-role-uuid","sso_role2": "directus-role-uuid"}'

 # https://directus.io/docs/configuration/auth-sso
 # if you need more/other provider(s), consult docs on how to override compose.yml:
--- a/README.md
+++ b/README.md
@ -1,26 +1,78 @@
 # directus

-> Directus is a (headless) CMS / backend system for managing data and creating APIs.
+> Directus is an open-source headless CMS & API for managing agnostic content.

 <!-- metadata -->

+* **Maintainer**: [@val](https://git.coopcloud.tech/val)
+* **Status**: `testing`
 * **Category**: Apps
-* **Status**: 0
 * **Image**: [`directus`](https://hub.docker.com/r/directus), 4, upstream
 * **Healthcheck**: Yes
 * **Backups**: Yes
-* **Email**: No
+* **Email**: Yes
 * **Tests**: No
-* **SSO**: No
+* **SSO**: Yes

 <!-- endmetadata -->

 ## Quick start

 * `abra app new directus`
-* `abra app secret insert <app-name> smtp_password v1 <your-smtp-password>`
 * `abra app secret generate <app-name> --all`
 * `abra app config <app-name>`
 * `abra app deploy <app-name>`

 For more, see [`docs.coopcloud.tech`](https://docs.coopcloud.tech).
+
+
+## Additional configs
+
+### smtp
+By default `sendmail` is configured. To use SMTP uncomment the respective section in your .env-file and insert the smtp-secret:
+* `abra app secret insert <app-name> smtp_password v1 <your-smtp-password>`
+
+By this you make usage of [compose.smtp.yml](compose.smtp.yml)
+
+### sso (oidc)
+The config of one oidc-provider is prepared. Just uncomment an fill in the respective part in .env-file. By this you make usage of [compose.oidc.yml](compose.oidc.yml). If you need further providers, consider [adding a custom compose-file](https://docs.coopcloud.tech/operators/handbook/#how-can-i-modifyoverride-the-composeyml-file) containing the necessary env-vars as indicated in the directus' docs.
+
+
+### using the directus' cli for templates
+In [abra.sh](abra.sh) you find some commands you can run with `abra app cmd` for usage of directus' cli (e.g.) for exporting and importing a schema / template / data ...
+
+
+### setting custom .env-vars / secrets
+Automation in directus is a mighty tool to customize your CMS. If you need to pass a custom env-var or secret, you can do so by [adding a custom compose-file](https://docs.coopcloud.tech/operators/handbook/#how-can-i-modifyoverride-the-composeyml-file).
+
+This is a working example. Make sure you add all your env-vars, that you want to be able to access in flows to the comma separated env-var `FLOWS_ENV_ALLOW_LIST` like explained [here](https://directus.io/docs/configuration/flows).
+
+`directus.compose.customenv.yml`
+```
+services:
+  app:
+    environment:
+      FLOWS_ENV_ALLOW_LIST: "API_USER,API_TOKEN"
+      API_USER: "MyApiUser" 
+      API_TOKEN_FILE: /run/secrets/api_token
+
+    secrets:
+      - api_token
+      
+
+secrets:
+  api_token:
+    name: ${STACK_NAME}_oidc_secret_${SECRET_API_TOKEN_VERSION}
+    external: true
+```
+
+in your `env-file` you would add:
+
+```
+# custom secrets
+COMPOSE_FILE="compose.yml:../../servers/<yourserver>/directus.compose.customenv.yml"
+
+SECRET_API_TOKEN_VERSION=v1
+```
+
+and then redeploy: `abra app deploy -f <app-name>`
--- a/abra.sh
+++ b/abra.sh
@ -1,6 +1,6 @@
 # Set any config versions here
 # Docs: https://docs.coopcloud.tech/maintainers/handbook/#manage-configs
-export DIRECTUS_ENTRYPOINT_VERSION=v4
+export DIRECTUS_ENTRYPOINT_VERSION=v5
 export PG_BACKUP_VERSION=v1

 # essentially a wrapper for directus-template-cli apply:
--- a/compose.oidc.yml
+++ b/compose.oidc.yml
@ -14,7 +14,7 @@ services:
      AUTH_SSO_REQUIRE_VERIFIED_EMAIL: ${AUTH_SSO_REQUIRE_VERIFIED_EMAIL:-false}
      AUTH_SSO_DEFAULT_ROLE_ID: ${AUTH_SSO_DEFAULT_ROLE_ID}
      AUTH_SSO_SYNC_USER_INFO: ${AUTH_SSO_SYNC_USER_INFO:-true}
-      AUTH_SSO_ROLE_MAPPING: ${AUTH_SSO_ROLE_MAPPING:-{}}"
+      AUTH_SSO_ROLE_MAPPING: ${AUTH_SSO_ROLE_MAPPING}
      AUTH_SSO_GROUP_CLAIM_NAME: ${AUTH_SSO_GROUP_CLAIM_NAME:-groups}
      AUTH_SSO_ICON: ${AUTH_SSO_ICON:-account_circle}
      AUTH_SSO_LABEL: ${AUTH_SSO_LABEL:-"Single Sign On"}
--- a/compose.yml
+++ b/compose.yml
@ -1,7 +1,7 @@
 ---
 services:
  app:
-    image: directus/directus:${IMAGE_VERSION:-11}
+    image: directus/directus:${IMAGE_VERSION:-11.15.1}

    environment:
      DB_CLIENT: pg
@ -62,7 +62,7 @@ services:
        ## Redirect HTTP to HTTPS
        - "traefik.http.middlewares.${STACK_NAME}-redirect.redirectscheme.scheme=https"
        - "traefik.http.middlewares.${STACK_NAME}-redirect.redirectscheme.permanent=true"
-        - "coop-cloud.${STACK_NAME}.version=0.3.1+11"
+        - "coop-cloud.${STACK_NAME}.version=0.5.0+11.15.1"

    healthcheck:
      test: ["CMD-SHELL", "wget -qO- http://0.0.0.0:8055/server/health | grep -q '\"status\":\"ok\"'"]
--- a/entrypoint.sh
+++ b/entrypoint.sh
@ -14,15 +14,16 @@ load_secret() {
        fi
        export "$env_var"="$value"
    else
-        echo >&2 "info: $secret_file does not exist, if you don't use the secret it shouldn't be a problem"
+        echo >&2 "[info] didn't set $env_var because $secret_file does not exist. If you don't use the secret or it is no secret at all you can safely ignore this message."
    fi
 }

-load_secret "DB_PASSWORD" "/run/secrets/db_password"
-load_secret "ADMIN_PASSWORD" "/run/secrets/admin_password"
-load_secret "SIGNING_SECRET" "/run/secrets/signing_secret"
-load_secret "EMAIL_SMTP_PASSWORD" "/run/secrets/smtp_password"
-load_secret "OIDC_SECRET" "/run/secrets/oidc_secret"
+# load every env-var that ends on _FILE
+for var in $(env | grep "_FILE="); do
+    key=$(echo "$var" | sed 's/_FILE=.*//')
+    value=$(echo "$var" | sed 's/.*_FILE=//')
+    load_secret "$key" "$value"
+done

 # upstream has no entrypoint https://github.com/directus/directus/blob/main/Dockerfile
 node cli.js bootstrap && pm2-runtime start ecosystem.config.cjs
--- a/release/0.4.0+11
+++ b/release/0.4.0+11
@ -0,0 +1 @@
+compare release notes of 0.3.0 – some recipe upgrading issues
--- a/release/0.4.1+11
+++ b/release/0.4.1+11
@ -0,0 +1 @@
+syntax error in oidc compose when using role_mapping
Author	SHA1	Message	Date
val	5fd5528342	chore: publish 0.5.0+11.15.1 release	2026-02-11 18:38:44 +01:00
contraintuitiv	b4d1ac9a2d	chore: publish 0.4.1+11 release	2026-01-08 19:07:17 +01:00
contraintuitiv	e475f066d2	chore: publish 0.4.0+11 release	2026-01-08 16:34:23 +01:00
val	126bec5ef7	Merge pull request 'sso' (#1 ) from sso into main Reviewed-on: #1	2026-01-08 15:32:40 +00:00
				`@ -0,0 +1 @@`
				`compare release notes of 0.3.0 – some recipe upgrading issues`
				`@ -0,0 +1 @@`
				`syntax error in oidc compose when using role_mapping`