coop-cloud/lasuite-docs
1
0
Fork 1
Code Issues 6 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

spell fixes and disable email password secret

Browse Source
This commit is contained in:
knoflook
2025-09-11 13:37:59 +02:00
parent 5ce5e557a3
commit 44fae6db11
2 changed files with 28 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
.env.sample
View File

@ -13,7 +13,7 @@ LETS_ENCRYPT_ENV=production
SECRET_MINIO_ROOT_PASSWORD_VERSION=v1
SECRET_COLLABORATION_SERVER_SECRET_VERSION=v1
SECRET_POSTGRES_PASSWORD_VERSION=v1
SECRET_AWS_S3_SECRET_KEY_VERSION=v1
SECRET_AWS_S3_SECRET_ACCESS_KEY_VERSION=v1
SECRET_OIDC_RP_CLIENT_SECRET_VERSION=v1
SECRET_DJANGO_SECRET_KEY_VERSION=v1
SECRET_DJANGO_SUPERUSER_PASSWORD_VERSION=v1
@ -35,18 +35,23 @@ DJANGO_EMAIL_PORT=1025
# SINGLE SIGN ON
##############################################################################
# NOTE: OpenID Connect (OIDC) single sign-on is **required**, see recipe README
OIDC_OP_JWKS_ENDPOINT=https://auth.${DOMAIN}/realms/impress/protocol/openid-connect/certs
OIDC_OP_AUTHORIZATION_ENDPOINT=https://auth.${DOMAIN}/realms/impress/protocol/openid-connect/auth
OIDC_OP_TOKEN_ENDPOINT=https://auth.${DOMAIN}/realms/impress/protocol/openid-connect/token
OIDC_OP_USER_ENDPOINT=https://auth.${DOMAIN}/realms/impress/protocol/openid-connect/userinfo
OIDC_RP_CLIENT_ID=impress
## Set those according to your needs
OIDC_RP_CLIENT_ID=docs
REALM_NAME=
SSO_DOMAIN=
## These can probably be left as-is
OIDC_OP_JWKS_ENDPOINT=https://${SSO_DOMAIN}/realms/${REALM_NAME}/protocol/openid-connect/certs
OIDC_OP_AUTHORIZATION_ENDPOINT=https://${SSO_DOMAIN}/realms/${REALM_NAME}/protocol/openid-connect/auth
OIDC_OP_TOKEN_ENDPOINT=https://${SSO_DOMAIN}/realms/${REALM_NAME}/protocol/openid-connect/token
OIDC_OP_USER_ENDPOINT=https://${SSO_DOMAIN}/realms/${REALM_NAME}/protocol/openid-connect/userinfo
OIDC_RP_SIGN_ALGO=RS256
OIDC_RP_SCOPES="openid email"
LOGIN_REDIRECT_URL=https://${DOMAIN}
LOGIN_REDIRECT_URL_FAILURE=https://${DOMAIN}
LOGOUT_REDIRECT_URL=https://${DOMAIN}
OIDC_REDIRECT_ALLOWED_HOSTS='["https://auth.${DOMAIN}", "https://${DOMAIN}"]'
OIDC_AUTH_REQUEST_EXTRA_PARAMS="{'acr_values'='eidas1'}"
OIDC_REDIRECT_ALLOWED_HOSTS='["https://id.docs.coop", "https://${DOMAIN}"]'
#OIDC_AUTH_REQUEST_EXTRA_PARAMS="{'acr_values'='eidas1'}"
##############################################################################
# LOGGING