Split OAuth compose file

.envrc.sample

@@ -9,6 +9,7 @@ export ENTRYPOINT_CONF_VERSION=v1
 
 # OAuth, see https://hackmd.io/@codimd/codimd-generic-oauth-2
 
+#export COMPOSE_FILE="compose.yml:compose.oauth.yml"
 #export CMD_OAUTH2_PROVIDERNAME="Keycloak"
 #export CMD_OAUTH2_BASEURL="https://keycloak.example.com/realms/realmname/protocol/openid-connect/"
 #export CMD_OAUTH2_CLIENT_ID="codimd"

compose.oauth.yml

@@ -0,0 +1,21 @@
+---
+version: "3.8"
+
+services:
+  codimd:
+    environment:
+      - CMD_OAUTH2_PROVIDERNAME
+      - CMD_OAUTH2_BASEURL
+      - CMD_OAUTH2_CLIENT_ID
+      - CMD_OAUTH2_CLIENT_SECRET_FILE=/run/secrets/oauth_key
+      - CMD_OAUTH2_AUTHORIZATION_URL
+      - CMD_OAUTH2_TOKEN_URL
+      - CMD_OAUTH2_USER_PROFILE_URL
+      - CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR
+    secrets:
+      - oauth_key
+
+secrets:
+  oauth_key:    
+    external: true 
+    name: ${STACK_NAME}_oauth_key_${OAUTH_KEY_VERSION}

compose.yml

@@ -23,14 +23,7 @@ services:
       - CMD_DB_USER=codimd
       - CMD_DB_HOST=postgres
       - CMD_DB_PASSWORD_FILE=/run/secrets/db_password
-      - CMD_OAUTH2_PROVIDERNAME
-      - CMD_OAUTH2_BASEURL
-      - CMD_OAUTH2_CLIENT_ID
-      - CMD_OAUTH2_CLIENT_SECRET_FILE=/run/secrets/oauth_key
-      - CMD_OAUTH2_AUTHORIZATION_URL
-      - CMD_OAUTH2_TOKEN_URL
-      - CMD_OAUTH2_USER_PROFILE_URL
-      - CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR
+      - CMD_EMAIL  # Email login enabled?
     depends_on:
       - postgres
     networks:
@@ -40,7 +33,6 @@ services:
       - codimd_uploads:/home/hackmd/app/public/uploads
     secrets:
       - db_password
-      - oauth_key
     entrypoint: /docker-entrypoint2.sh
     configs:
       - source: entrypoint2_conf
@@ -72,9 +64,6 @@ secrets:
   db_password:    
     external: true 
     name: ${STACK_NAME}_db_password_${DB_PASSWORD_VERSION}
-  oauth_key:    
-    external: true 
-    name: ${STACK_NAME}_oauth_key_${OAUTH_KEY_VERSION}
 
 networks:
   proxy: