diff --git a/paperless/init.sls b/paperless/init.sls
index 6d9b64a..6a07a87 100644
--- a/paperless/init.sls
+++ b/paperless/init.sls
@@ -1,3 +1,25 @@
+# Attempt to fix json with pillar variables in variable
+{% set client_secret = salt['pillar.get']('paperless:webserver:keycloak:client_secret', '') %}
+{% set oauth_server = salt['pillar.get']('paperless:webserver:keycloak:server_url', 'https:///realms//.well-known/openid-configuration') %}
+
+{% set PAPERLESS_SOCIALACCOUNT_PROVIDERS =
+ {
+ 'openid_connect': {
+ 'APPS': [
+ {
+ 'provider_id': 'keycloak',
+ 'name': 'Keycloak',
+ 'client_id': 'paperless',
+ 'secret': client_secret,
+ 'settings': {
+ 'server_url': oauth_server
+ }
+ }
+ ]
+ }
+ }
+%}
+
 broker-data-directory-exists:
 file.directory:
 - name: /opt/paperless/broker
@@ -69,7 +91,7 @@ paperless-docker-container-running:
 # - PAPERLESS_URL={{ salt['pillar.get']('paperless:webserver:environment:url', 'https://paperless.flipdot.org') }}
 - PAPERLESS_APPS="allauth.socialaccount.providers.openid_connect"
- - PAPERLESS_SOCIALACCOUNT_PROVIDERS='{"openid_connect": {"APPS": [{"provider_id": "keycloak", "name": "Keycloak", "client_id": "paperless", "secret": {{ salt['pillar.get']('paperless:webserver:keycloak:client_secret', '') }}, "settings": {"server_url": {{ salt['pillar.get']('paperless:webserver:keycloak:server_url', 'https:///realms//.well-known/openid-configuration') }} }}]}}'
+ #- PAPERLESS_SOCIALACCOUNT_PROVIDERS='{"openid_connect": {"APPS": [{"provider_id": "keycloak", "name": "Keycloak", "client_id": "paperless", "secret": {{ salt['pillar.get']('paperless:webserver:keycloak:client_secret', '') }}, "settings": {"server_url": {{ salt['pillar.get']('paperless:webserver:keycloak:server_url', 'https:///realms//.well-known/openid-configuration') }} }}]}}'
 - restart: always
 - networks:
 - paperless-network
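Review bot: Both pillar lookups at the top of this hunk fall back to unusable defaults, so a missing pillar key renders an empty OIDC client secret and the malformed URL `https:///realms//.well-known/openid-configuration` instead of stopping the run. Drop the defaults and fail the render when either value is empty, for example by guarding the block with `{% if not client_secret or not oauth_server %}` and emitting a failing state there, so a misconfigured minion never starts the container with a blank secret. The leading comment could also say what was wrong with the inline JSON (the interpolated values were not quoted) rather than `Attempt to fix json`.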
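Review bot: After this hunk nothing visible passes `PAPERLESS_SOCIALACCOUNT_PROVIDERS` to the container: the old line is commented out and the dict built at the top of the file is not referenced, while `PAPERLESS_APPS` still loads the openid_connect provider, so Keycloak login is presumably left unconfigured. Replace the commented-out line with one that serializes the dict, `- 'PAPERLESS_SOCIALACCOUNT_PROVIDERS={{ PAPERLESS_SOCIALACCOUNT_PROVIDERS | json }}'`, which yields valid JSON with the secret and URL quoted; the outer YAML quotes assume the secret contains no single quote. The value still carries the client secret in the container environment, where it is readable through container inspection and may appear in rendered state output, so restrict who can see both. The `paperless-docker-container-running` state begins and ends outside this hunk.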