Upgrade Grist, enable OIDC
This commit is contained in:
parent
6a3c05f95c
commit
5b89e4956a
16
.env.sample
16
.env.sample
|
@ -17,3 +17,19 @@ GRIST_DEFAULT_EMAIL=grist@example.com
|
||||||
|
|
||||||
SECRET_GRIST_SESSION_SECRET_VERSION=v1
|
SECRET_GRIST_SESSION_SECRET_VERSION=v1
|
||||||
SECRET_DB_PASSWORD_VERSION=v1
|
SECRET_DB_PASSWORD_VERSION=v1
|
||||||
|
|
||||||
|
COMPOSE_FILE="compose.yml"
|
||||||
|
|
||||||
|
# OIDC Single Sign On
|
||||||
|
# See https://support.getgrist.com/install/oidc/
|
||||||
|
#COMPOSE_FILE="$COMPOSE_FILE:compose.oidc.yml"
|
||||||
|
#GRIST_OIDC_IDP_ISSUER=https://sso.example.com/realm/myrealm/
|
||||||
|
#GRIST_OIDC_IDP_CLIENT_ID=something
|
||||||
|
#SECRET_GRIST_OIDC_IDP_CLIENT_SECRET_VERSION=v1
|
||||||
|
# Optional settings
|
||||||
|
#GRIST_OIDC_IDP_SCOPES
|
||||||
|
#GRIST_OIDC_SP_HOST
|
||||||
|
#GRIST_OIDC_IDP_END_SESSION_ENDPOINT
|
||||||
|
#GRIST_OIDC_IDP_SKIP_END_SESSION_ENDPOINT
|
||||||
|
#GRIST_OIDC_SP_PROFILE_NAME_ATTR
|
||||||
|
#GRIST_OIDC_SP_PROFILE_EMAIL_ATTR
|
||||||
|
|
|
@ -0,0 +1,19 @@
|
||||||
|
services:
|
||||||
|
app:
|
||||||
|
environment:
|
||||||
|
- GRIST_OIDC_IDP_ISSUER
|
||||||
|
- GRIST_OIDC_IDP_CLIENT_ID
|
||||||
|
- GRIST_OIDC_IDP_CLIENT_SECRET_FILE=/run/secrets/grist_oidc_idp_client_secret
|
||||||
|
- GRIST_OIDC_IDP_SCOPES
|
||||||
|
- GRIST_OIDC_SP_HOST
|
||||||
|
- GRIST_OIDC_IDP_END_SESSION_ENDPOINT
|
||||||
|
- GRIST_OIDC_IDP_SKIP_END_SESSION_ENDPOINT
|
||||||
|
- GRIST_OIDC_SP_PROFILE_NAME_ATTR
|
||||||
|
- GRIST_OIDC_SP_PROFILE_EMAIL_ATTR
|
||||||
|
secrets:
|
||||||
|
- grist_oidc_idp_client_secret
|
||||||
|
|
||||||
|
secrets:
|
||||||
|
grist_oidc_idp_client_secret:
|
||||||
|
external: true
|
||||||
|
name: ${STACK_NAME}_grist_oidc_idp_client_secret_${SECRET_GRIST_OIDC_IDP_CLIENT_SECRET_VERSION}
|
|
@ -1,6 +1,6 @@
|
||||||
services:
|
services:
|
||||||
app:
|
app:
|
||||||
image: gristlabs/grist:1.1.7
|
image: gristlabs/grist:1.1.12
|
||||||
networks:
|
networks:
|
||||||
- proxy
|
- proxy
|
||||||
- internal
|
- internal
|
||||||
|
@ -18,7 +18,7 @@ services:
|
||||||
- APP_HOME_URL=https://${DOMAIN}
|
- APP_HOME_URL=https://${DOMAIN}
|
||||||
- APP_DOC_URL=https://${DOMAIN}
|
- APP_DOC_URL=https://${DOMAIN}
|
||||||
- GRIST_SINGLE_ORG
|
- GRIST_SINGLE_ORG
|
||||||
- GRIST_ORG_IN_PATH
|
#- GRIST_ORG_IN_PATH
|
||||||
- COOKIE_MAX_AGE
|
- COOKIE_MAX_AGE
|
||||||
- GRIST_FORCE_LOGIN
|
- GRIST_FORCE_LOGIN
|
||||||
- GRIST_HIDE_UI_ELEMENTS
|
- GRIST_HIDE_UI_ELEMENTS
|
||||||
|
|
|
@ -26,5 +26,6 @@ file_env() {
|
||||||
|
|
||||||
file_env TYPEORM_PASSWORD
|
file_env TYPEORM_PASSWORD
|
||||||
file_env GRIST_SESSION_SECRET
|
file_env GRIST_SESSION_SECRET
|
||||||
|
file_env GRIST_OIDC_IDP_CLIENT_SECRET
|
||||||
|
|
||||||
exec ./sandbox/run.sh $@
|
exec ./sandbox/run.sh $@
|
||||||
|
|
Loading…
Reference in New Issue