WIP: Use keycloak for sso
This commit is contained in:
parent
39c6d0e819
commit
4cf8c5c7d4
2 changed files with 6 additions and 0 deletions
|
@ -67,6 +67,9 @@ paperless-docker-container-running:
|
||||||
# - PAPERLESS_ENABLE_HTTP_REMOTE_USER_API={{ salt['pillar.get']('', 'false') }}
|
# - PAPERLESS_ENABLE_HTTP_REMOTE_USER_API={{ salt['pillar.get']('', 'false') }}
|
||||||
# - PAPERLESS_SECRET_KEY={{ salt['pillar.get']('paperless:webserver:environment:secret_key', 'change-me') }}
|
# - PAPERLESS_SECRET_KEY={{ salt['pillar.get']('paperless:webserver:environment:secret_key', 'change-me') }}
|
||||||
# - PAPERLESS_URL={{ salt['pillar.get']('paperless:webserver:environment:url', 'https://paperless.flipdot.org') }}
|
# - PAPERLESS_URL={{ salt['pillar.get']('paperless:webserver:environment:url', 'https://paperless.flipdot.org') }}
|
||||||
|
|
||||||
|
- PAPERLESS_APPS="allauth.socialaccount.providers.openid_connect"
|
||||||
|
- PAPERLESS_SOCIALACCOUNT_PROVIDERS='{"openid_connect": {"APPS": [{"provider_id": "keycloak", "name": "Keycloak", "client_id": "paperless", "secret": {{ salt['pillar.get']('paperless:webserver:keycloak:client_secret', '<CLIENT_SECRET>') }}, "settings": {"server_url": {{ salt['pillar.get']('paperless:webserver:keycloak:server_url', 'https://<KEYCLOAK_SERVER>/realms/<REALM>/.well-known/openid-configuration') }} }}]}}'
|
||||||
- restart: always
|
- restart: always
|
||||||
- networks:
|
- networks:
|
||||||
- paperless-network
|
- paperless-network
|
||||||
|
|
|
@ -36,6 +36,9 @@ paperless:
|
||||||
# (if doing so please consider security measures such as reverse proxy)
|
# (if doing so please consider security measures such as reverse proxy)
|
||||||
# url=https://paperless.flipdot.org
|
# url=https://paperless.flipdot.org
|
||||||
|
|
||||||
|
keycloak:
|
||||||
|
client_secret: <CLIENT_SECRET>
|
||||||
|
server_url: https://<KEYCLOAK_SERVER>/realms/<REALM>/.well-known/openid-configuration
|
||||||
gotenberg:
|
gotenberg:
|
||||||
image:
|
image:
|
||||||
path: docker.io/gotenberg/gotenberg
|
path: docker.io/gotenberg/gotenberg
|
||||||
|
|
Loading…
Reference in a new issue