From 9ac736868b61fe8d18efb5f3ce7f81d237097fc2 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 5 May 2023 12:58:00 +0200 Subject: [PATCH] add dex to hedgedoc --- nixos/hosts/olympus/dex/configuration.nix | 14 ++++++++++---- nixos/hosts/olympus/hedgedoc/configuration.nix | 15 ++++++++++++++- 2 files changed, 24 insertions(+), 5 deletions(-) diff --git a/nixos/hosts/olympus/dex/configuration.nix b/nixos/hosts/olympus/dex/configuration.nix index e9bcab8..966a687 100644 --- a/nixos/hosts/olympus/dex/configuration.nix +++ b/nixos/hosts/olympus/dex/configuration.nix @@ -64,10 +64,10 @@ in { staticClients = [ { - id = "outline"; - name = "Outline"; - redirectURIs = [ "https://outline.0x76.dev/auth/oidc.callback" ]; - secretEnv = "OUTLINE_CLIENT_SECRET"; + id = "outline"; + name = "Outline"; + redirectURIs = [ "https://outline.0x76.dev/auth/oidc.callback" ]; + secretEnv = "OUTLINE_CLIENT_SECRET"; } { id = "grafana"; @@ -75,6 +75,12 @@ in { redirectURIs = [ "https://grafana.0x76.dev/login/generic_oauth" ]; secretEnv = "GRAFANA_CLIENT_SECRET"; } + { + id = "hedgedoc"; + name = "Hedgedoc"; + redirectURIs = [ "https://md.0x76.dev/auth/oauth2/callback" ]; + secretEnv = "HEDGEDOC_CLIENT_SECRET"; + } ]; }; diff --git a/nixos/hosts/olympus/hedgedoc/configuration.nix b/nixos/hosts/olympus/hedgedoc/configuration.nix index c23b63c..1b92dc5 100644 --- a/nixos/hosts/olympus/hedgedoc/configuration.nix +++ b/nixos/hosts/olympus/hedgedoc/configuration.nix @@ -66,7 +66,20 @@ in { accessKey = "$MINIO_ACCESS_KEY"; secretKey = "$MINIO_SECRET_KEY"; }; - email = true; + email = false; + oauth2 = let url = "https://dex.0x76.dev"; + in { + providerName = "Dex"; + clientID = "hedgedoc"; + clientSecret = "$DEX_CLIENT_SECRET"; + scope = "openid email profile"; + authorizationURL = "${url}/auth"; + tokenURL = "${url}/token"; + userProfileURL = "${url}/userinfo"; + userProfileUsernameAttr = "preferred_username"; + userProfileDisplayNameAttr = "name"; + userProfileEmailAttr = "email"; + }; }; }; }