mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2025-08-29 15:06:26 +02:00
Implemented OIDC für mastodon
This commit is contained in:
@@ -1,3 +1,5 @@
|
||||
# @see https://docs.joinmastodon.org/admin/config
|
||||
|
||||
LOCAL_DOMAIN={{domain}}
|
||||
ALTERNATE_DOMAINS="{{ domains.mastodon_alternates | join(',') }}"
|
||||
SINGLE_USER_MODE={{applications.mastodon.single_user_mode}}
|
||||
@@ -27,4 +29,26 @@ SMTP_FROM_ADDRESS=Mastodon <{{system_email.from}}>
|
||||
|
||||
ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY= {{mastodon_active_record_encryption_deterministic_key}}
|
||||
ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT={{mastodon_active_record_encryption_key_derivation_salt}}
|
||||
ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY={{mastodon_active_record_encryption_primary_key}}
|
||||
ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY={{mastodon_active_record_encryption_primary_key}}
|
||||
|
||||
{% if oidc.enabled | bool %}
|
||||
###################################
|
||||
# OpenID Connect settings
|
||||
###################################
|
||||
# @see https://github.com/mastodon/mastodon/pull/16221
|
||||
# @see https://stackoverflow.com/questions/72081776/how-mastodon-configured-login-using-sso
|
||||
|
||||
OIDC_ENABLED={{ oidc.enabled | string | lower }}
|
||||
OIDC_DISPLAY_NAME="{{primary_domain}} SSO"
|
||||
OIDC_ISSUER={{oidc.client.issuer_url}}
|
||||
OIDC_DISCOVERY=true
|
||||
OIDC_SCOPE="openid,profile,email"
|
||||
OIDC_UID_FIELD=preferred_username # @see https://stackoverflow.com/questions/72108087/how-to-set-the-username-of-mastodon-by-log-in-via-keycloak
|
||||
OIDC_CLIENT_ID={{oidc.client.id}}
|
||||
OIDC_REDIRECT_URI=https://{{domain}}
|
||||
OIDC_SECURITY_ASSUME_EMAIL_IS_VERIFIED=true
|
||||
OIDC_CLIENT_SECRET={{oidc.client.secret}}
|
||||
OMNIAUTH_ONLY=true # uncomment to only use OIDC for login / registration buttons
|
||||
ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH=true
|
||||
ONE_CLICK_SSO_LOGIN=true
|
||||
{% endif %}
|
Reference in New Issue
Block a user