Working OIDC login?!
continuous-integration/drone/push Build is failing
Details
continuous-integration/drone/push Build is failing
Details
This commit is contained in:
parent
1ddb432f16
commit
e5bd4ec645
|
@ -4,16 +4,12 @@ version: "3.8"
|
||||||
services:
|
services:
|
||||||
app:
|
app:
|
||||||
environment:
|
environment:
|
||||||
# - PENPOT_OIDC_CLIENT_ID
|
- PENPOT_OIDC_CLIENT_ID
|
||||||
- PENPOT_GITHUB_CLIENT_ID=af6c1b2e4709ede26aa8
|
|
||||||
penpot-backend:
|
penpot-backend:
|
||||||
environment:
|
environment:
|
||||||
# - PENPOT_OIDC_CLIENT_SECRET_FILE=/run/secrets/oidc_client_secret
|
- PENPOT_OIDC_CLIENT_SECRET_FILE=/run/secrets/oidc_client_secret
|
||||||
# - PENPOT_OIDC_CLIENT_ID
|
- PENPOT_OIDC_CLIENT_ID
|
||||||
# - PENPOT_OIDC_BASE_URI
|
- PENPOT_OIDC_BASE_URI
|
||||||
# - PENPOT_OIDC_CLIENT_SECRET=cdbafaf5-eec7-424d-8449-4393481cba2a
|
|
||||||
- PENPOT_GITHUB_CLIENT_ID=af6c1b2e4709ede26aa8
|
|
||||||
- PENPOT_GITHUB_CLIENT_SECRET=a4faabb76fb5e1916328498af202fe85a81873fd
|
|
||||||
secrets:
|
secrets:
|
||||||
- oidc_client_secret
|
- oidc_client_secret
|
||||||
|
|
||||||
|
|
|
@ -18,6 +18,7 @@ x-environment:
|
||||||
- PENPOT_SMTP_USERNAME
|
- PENPOT_SMTP_USERNAME
|
||||||
- PENPOT_SMTP_TLS
|
- PENPOT_SMTP_TLS
|
||||||
- PENPOT_SMTP_SSL
|
- PENPOT_SMTP_SSL
|
||||||
|
- PENPOT_PUBLIC_URI=https://${DOMAIN}
|
||||||
|
|
||||||
services:
|
services:
|
||||||
app:
|
app:
|
||||||
|
@ -31,13 +32,8 @@ services:
|
||||||
- penpot-backend
|
- penpot-backend
|
||||||
- penpot-exporter
|
- penpot-exporter
|
||||||
environment: *default-env
|
environment: *default-env
|
||||||
entrypoint: /entrypoint.override.sh
|
|
||||||
secrets:
|
secrets:
|
||||||
- db_password
|
- db_password
|
||||||
configs:
|
|
||||||
- source: app_entrypoint
|
|
||||||
target: /entrypoint.override.sh
|
|
||||||
mode: 0555
|
|
||||||
deploy:
|
deploy:
|
||||||
restart_policy:
|
restart_policy:
|
||||||
condition: on-failure
|
condition: on-failure
|
||||||
|
|
|
@ -1,44 +0,0 @@
|
||||||
#!/usr/bin/env bash
|
|
||||||
|
|
||||||
file_env() {
|
|
||||||
# 3wc: Load $VAR_FILE into $VAR - useful for secrets. See
|
|
||||||
# https://medium.com/@adrian.gheorghe.dev/using-docker-secrets-in-your-environment-variables-7a0609659aab
|
|
||||||
local var="$1"
|
|
||||||
local fileVar="${var}_FILE"
|
|
||||||
local def="${2:-}"
|
|
||||||
|
|
||||||
if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
|
|
||||||
echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
local val="$def"
|
|
||||||
if [ "${!var:-}" ]; then
|
|
||||||
val="${!var}"
|
|
||||||
elif [ "${!fileVar:-}" ]; then
|
|
||||||
val="$(< "${!fileVar}")"
|
|
||||||
fi
|
|
||||||
export "$var"="$val"
|
|
||||||
unset "$fileVar"
|
|
||||||
}
|
|
||||||
|
|
||||||
load_vars() {
|
|
||||||
file_env "PENPOT_DATABASE_PASSWORD"
|
|
||||||
file_env "PENPOT_SMTP_PASSWORD"
|
|
||||||
file_env "PENPOT_LDAP_BIND_PASSWORD"
|
|
||||||
file_env "PENPOT_GOOGLE_CLIENT_SECRET"
|
|
||||||
file_env "PENPOT_GITHUB_CLIENT_SECRET"
|
|
||||||
file_env "PENPOT_GITLAB_CLIENT_SECRET"
|
|
||||||
file_env "PENPOT_OIDC_CLIENT_SECRET"
|
|
||||||
}
|
|
||||||
|
|
||||||
main() {
|
|
||||||
set -eu
|
|
||||||
|
|
||||||
load_vars
|
|
||||||
}
|
|
||||||
|
|
||||||
main
|
|
||||||
|
|
||||||
# 3wc: upstream ENTRYPOINT
|
|
||||||
# https://github.com/penpot/penpot/blob/develop/docker/images/Dockerfile.frontend
|
|
||||||
/docker-entrypoint.sh nginx -g "daemon off;"
|
|
Loading…
Reference in New Issue