only use sso redirection if sso is enabled #2

Open
moosemower wants to merge 2 commits from moosemower/element-web:use-sso into main
Owner

Had to do this to get element-web working on my SSO-less instance

moosemower added 1 commit 2026-03-01 02:11:07 +00:00
only use sso redirection if sso is enabled
continuous-integration/drone/pr Build encountered an error
7875013844
moosemower requested review from carla 2026-03-01 02:12:17 +00:00
decentral1se reviewed 2026-03-01 08:26:45 +00:00
decentral1se left a comment
Owner

Great to have this support non-SSO installs 🍊
config.json.tmpl Outdated
@@ -7,3 +7,3 @@
},
"sso_redirect_options": {
"immediate": true
"immediate": {{ env "USE_SSO" }}
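Review bot: on the `"immediate": {{ env "USE_SSO" }}` line the value is substituted unquoted, so config.json only stays valid JSON when USE_SSO is exactly `true` or `false` inside the container; an unset or empty variable leaves nothing after the colon. Suggest passing USE_SSO through the service environment with an explicit default and documenting the two accepted values, so that a missing setting cannot produce an unparsable client config.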
Owner

Thanks @moosemower 👏

If you run `abra app run <app> app bash` and then `env | grep -i sso`, do you see a value? I believe this is evaluating to `false` or some "non-truthy" value because it is not threaded through via the env configuration?

It's not present in the `.env.sample`: https://git.coopcloud.tech/coop-cloud/element-web/src/branch/main/.env.sample (`#USE_SOO=`)

And that needs to be threaded through into the container 👇

element-web/compose.yml Lines 8 to 10 in bb930287ed
```
- DOMAIN
- HOMESERVER
- SERVER_NAME
```

Then other operators can customise the value. I believe to maintain backwards compatibility, you should set it to `USE_SSO=${USE_SSO:-true}` to ensure that operators who don't update their `.env` file will not have a broken upgrade. See below for more examples 👇

nextcloud/compose.yml Lines 78 to 83 in 8b7ed8142e
```
- PHP_MEMORY_LIMIT=${PHP_MEMORY_LIMIT:-1G}
- PHP_UPLOAD_LIMIT=${PHP_UPLOAD_LIMIT:-512M}
- FPM_MAX_CHILDREN=${FPM_MAX_CHILDREN:-131}
- FPM_START_SERVERS=${FPM_START_SERVERS:-32}
- FPM_MIN_SPARE_SERVERS=${FPM_MIN_SPARE_SERVERS:-32}
- FPM_MAX_SPARE_SERVERS=${FPM_MAX_SPARE_SERVERS:-98}
```

We wanted to document this slightly involved environment updating dance over on https://docs.coopcloud.tech/maintainers/upgrade/#backwards-compatible-environment-variable-changes but didn't get around to it 🙃 Docs patches welcome!

Author
Owner

Oooh, good catch! Indeed, deploying a new element-web with my changes,

```
$ abra app run element-web.moose.garden app sh
/ $ env | grep -i sso
/ $
```

No SSO variables in there! Derp. Including my .env.sample changes in an amended commit.

Also, now that I plumb in `environment: USE_SSO=${USE_SSO:-true}` I get USE_SSO=true by default in the container's env, even if I don't set that variable to anything. Thanks for the tip! I won't promise a doc patch but I would like to :)

Changes to my commit:

- plumbed in USE_SSO to compose.yml
- default that var to `true` if not set for compat
- add it to .env.sample
Owner

Great, thanks for the update!

decentral1se marked this conversation as resolved
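
The default-and-validate behaviour worked out in the conversation above, as an added shell example that is not part of this PR or the recipe. It assumes compose's `${USE_SSO:-default}` follows the shell `:-` rule and that the template substitutes the value unquoted; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the element-web recipe): models how USE_SSO travels
# from the operator's .env to the "immediate" value in config.json.

# Mimics compose interpolation ${USE_SSO:-<default>}: an unset OR empty
# operator value falls back to the recipe default. An empty default models
# a compose.yml that does not pass the variable through at all.
resolve_use_sso() {
    operator_value=$1
    recipe_default=$2
    printf '%s' "${operator_value:-$recipe_default}"
}

# Only the bare literals true/false are valid where the template substitutes
# the value unquoted; True, 1, yes or an empty string would break the JSON.
is_json_bool() {
    case $1 in
        true|false) return 0 ;;
        *) return 1 ;;
    esac
}

# Renders the fragment, or fails closed with a message on stderr.
render_sso_fragment() {
    effective=$(resolve_use_sso "$1" "$2")
    if ! is_json_bool "$effective"; then
        printf 'refusing to render: USE_SSO=%s is not true/false\n' "'$effective'" >&2
        return 1
    fi
    printf '"sso_redirect_options": { "immediate": %s }' "$effective"
}

# Constructed cases: operator value, recipe default
render_sso_fragment ""      "true" && echo   # old .env, compat default applies
render_sso_fragment "false" "true" && echo   # SSO-less instance opts out
render_sso_fragment ""      ""     || echo "caught: variable never reached the container"
render_sso_fragment "True"  "true" || echo "caught: not a JSON boolean literal"
```

Swapping the second argument to `false` shows the effect of the later default change: an operator who relied on the old default and left `.env` untouched would get `"immediate": false`.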
moosemower force-pushed use-sso from 7875013844 to b9c7d54db8 2026-03-20 01:44:51 +00:00 Compare
moosemower removed review request for carla 2026-03-20 01:46:25 +00:00
moosemower requested review from carla 2026-03-21 04:47:41 +00:00
Owner

maybe @decentral1se should review it as you were already in the loop? :)

Owner

Sorry, maybe super annoying @moosemower but this is kind of a strange change after all that it sets the env var to both `true` and `false` by default 😅 It's fully backwards compatible but now it's confusing 🙃 Typically, a recipe will have the SSO feature as an add-on instead of the default. So, we're kind of in this problem due to that past decision (that I probably made? 😆). I actually would not be against making a breaking major recipe version release to set the `USE_SSO` to `false` in all cases unless you enable it as operator?
moosemower force-pushed use-sso from b9c7d54db8 to 0cf7191b71 2026-06-07 18:00:53 +00:00 Compare
moosemower removed review request for carla 2026-06-07 18:23:39 +00:00
Author
Owner

[after a normal amount of time, coming back to this :)]

Set USE_SSO to false by default everywhere, and pointed out that upgraders should change this via the release notes. I used the abra release tool to also tag it with the next major revision, i.e. https://git.coopcloud.tech/moosemower/element-web/src/tag/1.0.0+v1.12.18 (although I don't think this PR includes that tag! I'll remember to poke someone to add that git tag, if this gets merged).

moosemower requested review from decentral1se 2026-06-07 18:24:42 +00:00
decentral1se declined to review 2026-06-10 09:40:38 +00:00
decentral1se requested review from 3wordchant 2026-06-10 09:40:46 +00:00
decentral1se requested review from carla 2026-06-10 09:40:46 +00:00
decentral1se requested review from moritz 2026-06-10 09:40:46 +00:00
Owner

I'm not running element-web any more, can't test, sorry. Maybe an Autonomic can help? @notplants @knoflook @kawaiipunk

decentral1se removed review request for 3wordchant 2026-06-11 10:50:56 +00:00
Author
Owner

I can also test some permutations when I next have a spot of time, like the first review cycle :)

Some checks are pending
continuous-integration/drone/pr Build encountered an error
This pull request can be merged automatically.