Upgrade Grist, enable OIDC
This commit is contained in:
parent
6a3c05f95c
commit
5b89e4956a
16
.env.sample
16
.env.sample
|
@ -17,3 +17,19 @@ GRIST_DEFAULT_EMAIL=grist@example.com
|
|||
|
||||
SECRET_GRIST_SESSION_SECRET_VERSION=v1
|
||||
SECRET_DB_PASSWORD_VERSION=v1
|
||||
|
||||
COMPOSE_FILE="compose.yml"
|
||||
|
||||
# OIDC Single Sign On
|
||||
# See https://support.getgrist.com/install/oidc/
|
||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.oidc.yml"
|
||||
#GRIST_OIDC_IDP_ISSUER=https://sso.example.com/realm/myrealm/
|
||||
#GRIST_OIDC_IDP_CLIENT_ID=something
|
||||
#SECRET_GRIST_OIDC_IDP_CLIENT_SECRET_VERSION=v1
|
||||
# Optional settings
|
||||
#GRIST_OIDC_IDP_SCOPES
|
||||
#GRIST_OIDC_SP_HOST
|
||||
#GRIST_OIDC_IDP_END_SESSION_ENDPOINT
|
||||
#GRIST_OIDC_IDP_SKIP_END_SESSION_ENDPOINT
|
||||
#GRIST_OIDC_SP_PROFILE_NAME_ATTR
|
||||
#GRIST_OIDC_SP_PROFILE_EMAIL_ATTR
|
||||
|
|
|
@ -0,0 +1,19 @@
|
|||
services:
|
||||
app:
|
||||
environment:
|
||||
- GRIST_OIDC_IDP_ISSUER
|
||||
- GRIST_OIDC_IDP_CLIENT_ID
|
||||
- GRIST_OIDC_IDP_CLIENT_SECRET_FILE=/run/secrets/grist_oidc_idp_client_secret
|
||||
- GRIST_OIDC_IDP_SCOPES
|
||||
- GRIST_OIDC_SP_HOST
|
||||
- GRIST_OIDC_IDP_END_SESSION_ENDPOINT
|
||||
- GRIST_OIDC_IDP_SKIP_END_SESSION_ENDPOINT
|
||||
- GRIST_OIDC_SP_PROFILE_NAME_ATTR
|
||||
- GRIST_OIDC_SP_PROFILE_EMAIL_ATTR
|
||||
secrets:
|
||||
- grist_oidc_idp_client_secret
|
||||
|
||||
secrets:
|
||||
grist_oidc_idp_client_secret:
|
||||
external: true
|
||||
name: ${STACK_NAME}_grist_oidc_idp_client_secret_${SECRET_GRIST_OIDC_IDP_CLIENT_SECRET_VERSION}
|
|
@ -1,6 +1,6 @@
|
|||
services:
|
||||
app:
|
||||
image: gristlabs/grist:1.1.7
|
||||
image: gristlabs/grist:1.1.12
|
||||
networks:
|
||||
- proxy
|
||||
- internal
|
||||
|
@ -18,7 +18,7 @@ services:
|
|||
- APP_HOME_URL=https://${DOMAIN}
|
||||
- APP_DOC_URL=https://${DOMAIN}
|
||||
- GRIST_SINGLE_ORG
|
||||
- GRIST_ORG_IN_PATH
|
||||
#- GRIST_ORG_IN_PATH
|
||||
- COOKIE_MAX_AGE
|
||||
- GRIST_FORCE_LOGIN
|
||||
- GRIST_HIDE_UI_ELEMENTS
|
||||
|
|
|
@ -26,5 +26,6 @@ file_env() {
|
|||
|
||||
file_env TYPEORM_PASSWORD
|
||||
file_env GRIST_SESSION_SECRET
|
||||
file_env GRIST_OIDC_IDP_CLIENT_SECRET
|
||||
|
||||
exec ./sandbox/run.sh $@
|
||||
|
|
Loading…
Reference in New Issue