Compare commits
6 Commits
sso
...
2.1.2+1.35
| Author | SHA1 | Date | |
|---|---|---|---|
| 4ce783b413 | |||
| 7a1c0a5465 | |||
| 0376d412d0 | |||
| e00f20d870 | |||
10af40a73d
|
|||
|
2410d778e3
|
27
.env.sample
27
.env.sample
@ -30,29 +30,4 @@ TX="Europe/Berlin"
|
||||
#SMTP_USERNAME=noreply@example.com
|
||||
#SMTP_HOST=mail.example.com
|
||||
#SMTP_PORT=587
|
||||
#SMTP_SECURITY=starttls
|
||||
|
||||
## SSO Setup Start ##
|
||||
|
||||
## SSO Required Setup
|
||||
#SSO_ENABLED=false ## Activate the SSO
|
||||
|
||||
## the OpenID Connect Discovery endpoint of your SSO. Should not include the /.well-known/openid-configuration part and no trailing / ${SSO_AUTHORITY}/.well-known/openid-configuration must return a JSON document: https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfigurationResponse (with an HTTP status code 200 OK!)
|
||||
#SSO_AUTHORITY=
|
||||
#SSO_CLIENT_ID=
|
||||
#SSO_CLIENT_SECRET=
|
||||
#SSO_ONLY=false ## disable email+Master password authentication
|
||||
|
||||
## SSO Optional Setup
|
||||
#SSO_SIGNUPS_MATCH_EMAIL=true ##: On SSO Signup if a user with a matching email already exists make the association (default true)
|
||||
#SSO_ALLOW_UNKNOWN_EMAIL_VERIFICATION=false ## Allow unknown email verification status (default false). Allowing this with SSO_SIGNUPS_MATCH_EMAIL open potential account takeover.
|
||||
#SSO_SCOPES= ##Optional, allow to override scopes if needed (default "email profile")
|
||||
#SSO_AUTHORIZE_EXTRA_PARAMS= ## Optional, allow to add extra parameter to the authorize redirection (default "")
|
||||
#SSO_PKCE=true ## Activate PKCE for the Auth Code flow (default true).
|
||||
#SSO_AUDIENCE_TRUSTED= ##Optional, Regex to trust additional audience for the IdToken (client_id is always trusted). Use single quote when writing the regex: '^$'.
|
||||
#SSO_MASTER_PASSWORD_POLICY ## Optional Master password policy (enforceOnLogin is not supported).
|
||||
#SSO_AUTH_ONLY_NOT_SESSION ## Enable to use SSO only for authentication not session lifecycle
|
||||
#SSO_CLIENT_CACHE_EXPIRATION=0 ## Cache calls to the discovery endpoint, duration in seconds, 0 to disable (default 0);
|
||||
#SSO_DEBUG_TOKENS=false ## Log all tokens for easier debugging (default false, LOG_LEVEL=debug or LOG_LEVEL=info,vaultwarden::sso=debug need to be set)
|
||||
|
||||
## SSO Setup End ##
|
||||
#SMTP_SECURITY=starttls
|
||||
@ -3,7 +3,7 @@ version: "3.8"
|
||||
|
||||
services:
|
||||
app:
|
||||
image: vaultwarden/server:1.35.2
|
||||
image: vaultwarden/server:1.35.3
|
||||
networks:
|
||||
- proxy
|
||||
- internal
|
||||
@ -43,7 +43,7 @@ services:
|
||||
- "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`)"
|
||||
- "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
|
||||
- "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
||||
- "coop-cloud.${STACK_NAME}.version=3.0.0+1.35.2"
|
||||
- "coop-cloud.${STACK_NAME}.version=2.1.2+1.35.3"
|
||||
- "backupbot.backup=true"
|
||||
- "backupbot.backup.path=/data"
|
||||
|
||||
|
||||
1
release/2.0.1+1.35.2
Normal file
1
release/2.0.1+1.35.2
Normal file
@ -0,0 +1 @@
|
||||
Allows support for 2026.1+ clients.
|
||||
@ -1,4 +0,0 @@
|
||||
Allows support for 2026.1+ clients.
|
||||
|
||||
This release includes options for SSO. Check out the release notes for
|
||||
more infomation.
|
||||
6
renovate.json
Normal file
6
renovate.json
Normal file
@ -0,0 +1,6 @@
|
||||
{
|
||||
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
|
||||
"extends": [
|
||||
"config:recommended"
|
||||
]
|
||||
}
|
||||
Reference in New Issue
Block a user