generated from coop-cloud/example
parent
14cc4e6ac5
commit
c13aa2c715
|
@ -7,3 +7,10 @@ SECRET_ADMIN_PASSWORD_VERSION=v1
|
||||||
|
|
||||||
# MSSQL driver
|
# MSSQL driver
|
||||||
COMPOSE_FILE="compose.yml:compose.mssql.yml"
|
COMPOSE_FILE="compose.yml:compose.mssql.yml"
|
||||||
|
|
||||||
|
# OpenID Connect (SSO)
|
||||||
|
# COMPOSE_FILE="compose.yml:compose.oidc.yml"
|
||||||
|
# OIDC_ENABLED=1
|
||||||
|
# OIDC_CLIENT_ID=
|
||||||
|
# OIDC_ISSUER_URL=
|
||||||
|
# SECRET_OIDC_CLIENT_SECRET=v1
|
||||||
|
|
1
abra.sh
1
abra.sh
|
@ -1 +1,2 @@
|
||||||
export CUSTOM_ENTRYPOINT_VERSION=v1
|
export CUSTOM_ENTRYPOINT_VERSION=v1
|
||||||
|
export OIDC_CONF_VERSION=v1
|
||||||
|
|
|
@ -0,0 +1,26 @@
|
||||||
|
---
|
||||||
|
version: "3.8"
|
||||||
|
|
||||||
|
services:
|
||||||
|
app:
|
||||||
|
configs:
|
||||||
|
- source: oidc_conf
|
||||||
|
target: /etc/rstudio/openid-client-secret
|
||||||
|
mode: 0600
|
||||||
|
environment:
|
||||||
|
- OIDC_CLIENT_ID
|
||||||
|
- OIDC_ENABLED
|
||||||
|
- OIDC_ISSUER_URL
|
||||||
|
secrets:
|
||||||
|
- oidc_client_secret
|
||||||
|
|
||||||
|
configs:
|
||||||
|
oidc_conf:
|
||||||
|
name: ${STACK_NAME}_oidc_conf_${OIDC_CONF_VERSION}
|
||||||
|
file: oidc.conf.tmpl
|
||||||
|
template_driver: golang
|
||||||
|
|
||||||
|
secrets:
|
||||||
|
oidc_client_secret:
|
||||||
|
name: ${STACK_NAME}_oidc_client_secret_${SECRET_OIDC_CLIENT_SECRET}
|
||||||
|
external: true
|
|
@ -12,8 +12,9 @@ services:
|
||||||
secrets:
|
secrets:
|
||||||
- admin_password
|
- admin_password
|
||||||
environment:
|
environment:
|
||||||
- ROOT=TRUE
|
- DOMAIN=${DOMAIN}
|
||||||
- PASSWORD_FILE=/run/secrets/admin_password
|
- PASSWORD_FILE=/run/secrets/admin_password
|
||||||
|
- ROOT=TRUE
|
||||||
configs:
|
configs:
|
||||||
- source: custom_entrypoint
|
- source: custom_entrypoint
|
||||||
target: /docker-entrypoint.sh
|
target: /docker-entrypoint.sh
|
||||||
|
|
|
@ -26,4 +26,10 @@ file_env() {
|
||||||
|
|
||||||
file_env "PASSWORD"
|
file_env "PASSWORD"
|
||||||
|
|
||||||
|
{{ if eq (env "OIDC_ENABLED") "1" }}
|
||||||
|
echo "auth-openid=1" >> /etc/rstudio/rserver.conf
|
||||||
|
echo "auth-openid-issuer=${OIDC_ISSUER_URL}" >> /etc/rstudio/rserver.conf
|
||||||
|
echo "auth-openid-base-uri=https://${DOMAIN}" >> /etc/rstudio/rserver.conf
|
||||||
|
{{ end }}
|
||||||
|
|
||||||
exec "$@"
|
exec "$@"
|
||||||
|
|
|
@ -0,0 +1,2 @@
|
||||||
|
client-id={{ env "OIDC_CLIENT_ID" }}
|
||||||
|
client-secret={{ secret "oidc_client_secret" }}
|
Loading…
Reference in New Issue