Working OIDC login?!
continuous-integration/drone/push Build is failing
Details
continuous-integration/drone/push Build is failing
Details
This commit is contained in:
parent
1ddb432f16
commit
e5bd4ec645
|
@ -4,16 +4,12 @@ version: "3.8"
|
|||
services:
|
||||
app:
|
||||
environment:
|
||||
# - PENPOT_OIDC_CLIENT_ID
|
||||
- PENPOT_GITHUB_CLIENT_ID=af6c1b2e4709ede26aa8
|
||||
- PENPOT_OIDC_CLIENT_ID
|
||||
penpot-backend:
|
||||
environment:
|
||||
# - PENPOT_OIDC_CLIENT_SECRET_FILE=/run/secrets/oidc_client_secret
|
||||
# - PENPOT_OIDC_CLIENT_ID
|
||||
# - PENPOT_OIDC_BASE_URI
|
||||
# - PENPOT_OIDC_CLIENT_SECRET=cdbafaf5-eec7-424d-8449-4393481cba2a
|
||||
- PENPOT_GITHUB_CLIENT_ID=af6c1b2e4709ede26aa8
|
||||
- PENPOT_GITHUB_CLIENT_SECRET=a4faabb76fb5e1916328498af202fe85a81873fd
|
||||
- PENPOT_OIDC_CLIENT_SECRET_FILE=/run/secrets/oidc_client_secret
|
||||
- PENPOT_OIDC_CLIENT_ID
|
||||
- PENPOT_OIDC_BASE_URI
|
||||
secrets:
|
||||
- oidc_client_secret
|
||||
|
||||
|
|
|
@ -18,6 +18,7 @@ x-environment:
|
|||
- PENPOT_SMTP_USERNAME
|
||||
- PENPOT_SMTP_TLS
|
||||
- PENPOT_SMTP_SSL
|
||||
- PENPOT_PUBLIC_URI=https://${DOMAIN}
|
||||
|
||||
services:
|
||||
app:
|
||||
|
@ -31,13 +32,8 @@ services:
|
|||
- penpot-backend
|
||||
- penpot-exporter
|
||||
environment: *default-env
|
||||
entrypoint: /entrypoint.override.sh
|
||||
secrets:
|
||||
- db_password
|
||||
configs:
|
||||
- source: app_entrypoint
|
||||
target: /entrypoint.override.sh
|
||||
mode: 0555
|
||||
deploy:
|
||||
restart_policy:
|
||||
condition: on-failure
|
||||
|
|
|
@ -1,44 +0,0 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
file_env() {
|
||||
# 3wc: Load $VAR_FILE into $VAR - useful for secrets. See
|
||||
# https://medium.com/@adrian.gheorghe.dev/using-docker-secrets-in-your-environment-variables-7a0609659aab
|
||||
local var="$1"
|
||||
local fileVar="${var}_FILE"
|
||||
local def="${2:-}"
|
||||
|
||||
if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
|
||||
echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
|
||||
exit 1
|
||||
fi
|
||||
local val="$def"
|
||||
if [ "${!var:-}" ]; then
|
||||
val="${!var}"
|
||||
elif [ "${!fileVar:-}" ]; then
|
||||
val="$(< "${!fileVar}")"
|
||||
fi
|
||||
export "$var"="$val"
|
||||
unset "$fileVar"
|
||||
}
|
||||
|
||||
load_vars() {
|
||||
file_env "PENPOT_DATABASE_PASSWORD"
|
||||
file_env "PENPOT_SMTP_PASSWORD"
|
||||
file_env "PENPOT_LDAP_BIND_PASSWORD"
|
||||
file_env "PENPOT_GOOGLE_CLIENT_SECRET"
|
||||
file_env "PENPOT_GITHUB_CLIENT_SECRET"
|
||||
file_env "PENPOT_GITLAB_CLIENT_SECRET"
|
||||
file_env "PENPOT_OIDC_CLIENT_SECRET"
|
||||
}
|
||||
|
||||
main() {
|
||||
set -eu
|
||||
|
||||
load_vars
|
||||
}
|
||||
|
||||
main
|
||||
|
||||
# 3wc: upstream ENTRYPOINT
|
||||
# https://github.com/penpot/penpot/blob/develop/docker/images/Dockerfile.frontend
|
||||
/docker-entrypoint.sh nginx -g "daemon off;"
|
Loading…
Reference in New Issue