From bd68e42312781cb63f27620e9a91ce8b9cc79e9c Mon Sep 17 00:00:00 2001
From: Kevin Veen-Birkenbach <kevin@veen.world>
Date: Thu, 6 Feb 2025 18:47:04 +0100
Subject: [PATCH] Adapted URLs and SSO naming

---
 roles/docker-mastodon/templates/env.j2 | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/roles/docker-mastodon/templates/env.j2 b/roles/docker-mastodon/templates/env.j2
index 8d2d037b..c387b396 100644
--- a/roles/docker-mastodon/templates/env.j2
+++ b/roles/docker-mastodon/templates/env.j2
@@ -39,13 +39,13 @@ ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY={{mastodon_active_record_encryption_primary
 # @see https://stackoverflow.com/questions/72081776/how-mastodon-configured-login-using-sso
 
 OIDC_ENABLED={{ oidc.enabled | string | lower }}
-OIDC_DISPLAY_NAME="{{primary_domain}} SSO"
+OIDC_DISPLAY_NAME="{{primary_domain | upper}} SSO"
 OIDC_ISSUER={{oidc.client.issuer_url}}
 OIDC_DISCOVERY=true
 OIDC_SCOPE="openid,profile,email"
 OIDC_UID_FIELD=preferred_username                       # @see https://stackoverflow.com/questions/72108087/how-to-set-the-username-of-mastodon-by-log-in-via-keycloak
 OIDC_CLIENT_ID={{oidc.client.id}}
-OIDC_REDIRECT_URI=https://{{domain}}
+OIDC_REDIRECT_URI=https://{{domain}}/auth/auth/openid_connect/callback
 OIDC_SECURITY_ASSUME_EMAIL_IS_VERIFIED=true
 OIDC_CLIENT_SECRET={{oidc.client.secret}}
 OMNIAUTH_ONLY=true                                      # uncomment to only use OIDC for login / registration buttons