kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-08-29 15:06:26 +02:00
Code Issues Packages Projects Releases Wiki Activity

Refactored and solved bugs

Browse Source
This commit is contained in:
Kevin Veen-Birkenbach
2025-04-08 21:33:43 +02:00
parent 1be413f20d
commit da5962c337
31 changed files with 356 additions and 447 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
roles/docker-taiga/templates/docker-compose.yml.j2
View File

@@ -44,7 +44,9 @@ services:
{% if applications[application_id].oidc.enabled and applications[application_id].oidc.flavor == 'taigaio' %}
- {{ docker_compose.directories.config }}taiga-local.py:/taiga-back/settings/local.py:ro
{% for item in settings_files %}
- {{ docker_compose.directories.config }}taiga-{{ item }}.py:/taiga-back/settings/{{ item }}.py:ro
{% endfor %}
{% endif %}

7
roles/docker-taiga/templates/env.j2
View File

@@ -53,7 +53,7 @@ ENABLE_TELEMETRY = True
# OIDC via taigaio official contrib
# @See https://github.com/taigaio/taiga-contrib-oidc-auth
ENABLE_OIDC=True
OIDC_RP_CLIENT_ID="{{ oidc.client.id }}"
OIDC_RP_CLIENT_SECRET="{{ oidc.client.secret }}"
OIDC_OP_AUTHORIZATION_ENDPOINT="{{ oidc.client.authorize_url }}"
@@ -61,10 +61,7 @@ OIDC_OP_TOKEN_ENDPOINT="{{ oidc.client.token_url }}"
OIDC_OP_USER_ENDPOINT="{{ oidc.client.user_info_url }}"
OIDC_RP_SIGN_ALGO="RS256"
OIDC_RP_SCOPES="openid profile email"
OIDC_USE_STATE=True
OIDC_USE_NONCE=True
OIDC_RP_CALLBACK_URL="{{ oidc.client.redirect_uri | default('') }}"
OIDC_OP_JWKS_ENDPOINT="{{ oidc.client.jwks_url | default('') }}"
OIDC_OP_JWKS_ENDPOINT="{{ oidc.client.certs }}"
{% endif %}

19
roles/docker-taiga/templates/local.py.j2 → roles/docker-taiga/templates/oidc/local.py.j2
View File

@@ -9,16 +9,15 @@ AUTHENTICATION_BACKENDS = list(AUTHENTICATION_BACKENDS) + [
ROOT_URLCONF = "settings.urls"
OIDC_CALLBACK_CLASS = "taiga_contrib_oidc_auth.views.TaigaOIDCAuthenticationCallbackView"
OIDC_RP_SCOPES = "openid profile email"
OIDC_RP_SIGN_ALGO = "RS256"
OIDC_BASE_URL = "{{ oidc.base_url }}"
OIDC_OP_JWKS_ENDPOINT = OIDC_BASE_URL + "/Jwks"
OIDC_OP_AUTHORIZATION_ENDPOINT = OIDC_BASE_URL + "/Authorization"
OIDC_OP_TOKEN_ENDPOINT = OIDC_BASE_URL + "/Token"
OIDC_OP_USER_ENDPOINT = OIDC_BASE_URL + "/UserInfo"
import os
OIDC_CALLBACK_CLASS = "taiga_contrib_oidc_auth.views.TaigaOIDCAuthenticationCallbackView"
OIDC_RP_SCOPES = os.getenv("OIDC_RP_SCOPES")
OIDC_RP_SIGN_ALGO = os.getenv("OIDC_RP_SIGN_ALGO")
#OIDC_BASE_URL = "" @todo remove if not needed
OIDC_OP_JWKS_ENDPOINT = os.getenv("OIDC_OP_JWKS_ENDPOINT")
OIDC_OP_AUTHORIZATION_ENDPOINT = os.getenv("OIDC_OP_AUTHORIZATION_ENDPOINT")
OIDC_OP_TOKEN_ENDPOINT = os.getenv("OIDC_OP_TOKEN_ENDPOINT")
OIDC_OP_USER_ENDPOINT = os.getenv("OIDC_OP_USER_ENDPOINT")
OIDC_RP_CLIENT_ID = os.getenv("OIDC_RP_CLIENT_ID")
OIDC_RP_CLIENT_SECRET = os.getenv("OIDC_RP_CLIENT_SECRET")

4
roles/docker-taiga/templates/oidc/urls.py Normal file
View File

@@ -0,0 +1,4 @@
from taiga.urls import *
urlpatterns += [
url(r"^oidc/", include("mozilla_django_oidc.urls")),
]