fix: use secrets properly for keycloak

.env.sample

@@ -44,8 +44,6 @@ LETS_ENCRYPT_ENV=production
 #KEYCLOAK_ENABLED=1
 #COMPOSE_FILE="$COMPOSE_FILE:compose.keycloak.yml"
 #OAUTH_CLIENT_ID=writefreely
-#OAUTH_HOST=
-#OAUTH_CLIENT_SECRET=
-#OAUTH_LOGIN_BUTTON=
-#OAUTH_WRITEFREELY_VERSION=v1
+#OAUTH_HOST=https://<your domain>/auth/realms/<your realm>/protocol/openid-connect
+#OAUTH_DISPLAY_NAME=Keycloak
 #OAUTH_CLIENT_SECRET_VERSION=v1

README.md

@@ -32,7 +32,9 @@ abra app run <domain> app -- writefreely -c /usr/share/writefreely/config.ini us
 
 ## Keycloak setup
 
-For the **OAUTH_HOST** config, it uses this format: `https://keycloak.domain.here/auth/realms/<your realm>/protocol/openid-connect`.
+For the **OAUTH_HOST** config, it uses this format: `https://keycloak.example.com/auth/realms/<your realm>/protocol/openid-connect`.
+
+To set the client secret: `abra app secret insert <domain> oauth_client_secret v1`
 
 ## MariaDB
 

config.ini.tmpl

@@ -57,7 +57,7 @@ disable_password_auth = {{ env "DISABLE_PASSWORD_AUTH" }}
 client_id          = {{ env "OAUTH_CLIENT_ID" }}
 client_secret      = {{ secret "oauth_client_secret" }}
 host               = {{ env "OAUTH_HOST" }}
-display_name       = {{ env "OAUTH_LOGIN_BUTTON" }}
+display_name       = {{ env "OAUTH_DISPLAY_NAME" }}
 callback_proxy     =
 callback_proxy_api =
 token_endpoint     = /token