diff --git a/paperless/init.sls b/paperless/init.sls index 7d80aa6..6d9b64a 100644 --- a/paperless/init.sls +++ b/paperless/init.sls @@ -67,6 +67,9 @@ paperless-docker-container-running: # - PAPERLESS_ENABLE_HTTP_REMOTE_USER_API={{ salt['pillar.get']('', 'false') }} # - PAPERLESS_SECRET_KEY={{ salt['pillar.get']('paperless:webserver:environment:secret_key', 'change-me') }} # - PAPERLESS_URL={{ salt['pillar.get']('paperless:webserver:environment:url', 'https://paperless.flipdot.org') }} + + - PAPERLESS_APPS="allauth.socialaccount.providers.openid_connect" + - PAPERLESS_SOCIALACCOUNT_PROVIDERS='{"openid_connect": {"APPS": [{"provider_id": "keycloak", "name": "Keycloak", "client_id": "paperless", "secret": {{ salt['pillar.get']('paperless:webserver:keycloak:client_secret', '') }}, "settings": {"server_url": {{ salt['pillar.get']('paperless:webserver:keycloak:server_url', 'https:///realms//.well-known/openid-configuration') }} }}]}}' - restart: always - networks: - paperless-network @@ -80,4 +83,4 @@ paperless-docker-container-running: - /etc/timezone:/etc/timezone:ro - /etc/localtime:/etc/localtime:ro - port_bindings: - - "{{ salt['pillar.get']('paperless:webserver:port', "127.0.0.1:8000") }}:8000" + - {{ salt['pillar.get']('paperless:webserver:ip', '127.0.0.1') }}:{{ salt['pillar.get']('paperless:webserver:port', '8000') }}:8000 diff --git a/pillar.example b/pillar.example index 977b3f1..16311d4 100644 --- a/pillar.example +++ b/pillar.example @@ -5,8 +5,9 @@ paperless: version: 7 webserver: image: - path: github.com/paperless-ngx/paperless-ngx - version: v2.11.6 + path: ghcr.io/paperless-ngx/paperless-ngx + version: 2.12 + ip: 127.0.0.1 port: 8000 environment: redis: redis://broker:6379 @@ -35,6 +36,9 @@ paperless: # (if doing so please consider security measures such as reverse proxy) # url=https://paperless.flipdot.org + keycloak: + client_secret: + server_url: https:///realms//.well-known/openid-configuration gotenberg: image: path: docker.io/gotenberg/gotenberg