coop-cloud/loomio
1
0
Fork 1
Code Issues 4 Pull Requests 2 Projects Releases Wiki Activity

add compose.oauth.yml file
Some checks failed
continuous-integration/drone/pr Build is failing
Details

Browse Source
This commit is contained in:
Jackie
2025-07-27 17:42:58 -07:00
parent e9ec238865
commit 9531f4fe40
6 changed files with 31 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.drone.yml
View File

@ -22,6 +22,7 @@ steps:
SECRET_SECRET_COOKIE_TOKEN_VERSION: v1 SECRET_SECRET_COOKIE_TOKEN_VERSION: v1
SECRET_DB_PASSWORD_VERSION: v1 SECRET_DB_PASSWORD_VERSION: v1
SECRET_SMTP_PASSWORD_VERSION: v1 SECRET_SMTP_PASSWORD_VERSION: v1
SECRET_OAUTH_APP_SECRET_VERSION: v1
trigger: trigger:
branch: branch:
- main - main

6
.env.sample
View File

@ -92,16 +92,14 @@ SECRET_DB_PASSWORD_VERSION=v1
# THEME_TEXT_ON_ACCENT_COLOR=rgb(255,255,255) # THEME_TEXT_ON_ACCENT_COLOR=rgb(255,255,255)
# env variables needed to enable OAuth2 authentication # env variables needed to enable OAuth2 authentication
# COMPOSE_FILE="$COMPOSE_FILE:compose.oauth.yml"
# OAUTH_AUTH_URL= # OAUTH_AUTH_URL=
# OAUTH_TOKEN_URL= # OAUTH_TOKEN_URL=
# OAUTH_PROFILE_URL= # OAUTH_PROFILE_URL=
# OAUTH_SCOPE= # OAUTH_SCOPE=
# OAUTH_APP_KEY= # OAUTH_APP_KEY=
# This is not a good practice, app secret should passed in via docker secret once support is added (https://github.com/loomio/loomio/issues/11671)
# Remove this variable before publishing code to any shared repo!
# OAUTH_APP_SECRET=
# OAUTH_ATTR_UID= # OAUTH_ATTR_UID=
# OAUTH_ATTR_NAME= # OAUTH_ATTR_NAME=
# OAUTH_ATTR_EMAIL= # OAUTH_ATTR_EMAIL=
# OAUTH_LOGIN_PROVIDER_NAME= # OAUTH_LOGIN_PROVIDER_NAME=
# SECRET_OAUTH_APP_SECRET_VERSION=v1

25
compose.oauth.yml Normal file
View File

@ -0,0 +1,25 @@
version: "3.8"
x-oauth-env: &oauth-env
OAUTH_AUTH_URL:
OAUTH_TOKEN_URL:
OAUTH_PROFILE_URL:
OAUTH_SCOPE:
OAUTH_APP_KEY:
OAUTH_APP_SECRET_FILE: /run/secrets/oauth_app_secret
OAUTH_ATTR_UID:
OAUTH_ATTR_NAME:
OAUTH_ATTR_EMAIL:
OAUTH_LOGIN_PROVIDER_NAME:
services:
app:
environment:
*oauth-env
secrets:
- oauth_app_secret
secrets:
oauth_app_secret:
name: ${STACK_NAME}_oauth_app_secret_${SECRET_OAUTH_APP_SECRET_VERSION}
external: true

10
compose.yml
View File

@ -29,16 +29,6 @@ x-environment: &default-env
SAML_IDP_METADATA_URL: SAML_IDP_METADATA_URL:
SAML_ISSUER: SAML_ISSUER:
FEATURES_DISABLE_EMAIL_LOGIN: FEATURES_DISABLE_EMAIL_LOGIN:
OAUTH_AUTH_URL:
OAUTH_TOKEN_URL:
OAUTH_PROFILE_URL:
OAUTH_SCOPE:
OAUTH_APP_KEY:
OAUTH_APP_SECRET:
OAUTH_ATTR_UID:
OAUTH_ATTR_NAME:
OAUTH_ATTR_EMAIL:
OAUTH_LOGIN_PROVIDER_NAME:
services: services:
app: app:

1
entrypoint.sh
View File

@ -25,6 +25,7 @@ file_env "DEVISE_SECRET"
file_env "SECRET_COOKIE_TOKEN" file_env "SECRET_COOKIE_TOKEN"
file_env "POSTGRES_PASSWORD" file_env "POSTGRES_PASSWORD"
file_env "SMTP_PASSWORD" file_env "SMTP_PASSWORD"
file_env "OAUTH_APP_SECRET"
export DB_HOST="db" export DB_HOST="db"
export DATABASE_URL="postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@db/${POSTGRES_DB}" export DATABASE_URL="postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@db/${POSTGRES_DB}"

2
release/5.1.0+v3.0.0 Normal file
View File

@ -0,0 +1,2 @@
Add support for OAuth2. To use this feature copy and populate the new oauth2 env variables from the .env.sample to your locale .env config and insert the oauth2_app_secret secret into your recipe:
abra app secret insert <domain> oauth_app_secret v1 <your oauth2 client secret>