Compare commits

...

2 commits

Author SHA1 Message Date
rfl
4cf8c5c7d4
WIP: Use keycloak for sso 2024-10-02 13:02:56 +02:00
rfl
39c6d0e819
Fix ip 2024-10-02 12:06:27 +02:00
2 changed files with 10 additions and 3 deletions

View file

@ -67,6 +67,9 @@ paperless-docker-container-running:
# - PAPERLESS_ENABLE_HTTP_REMOTE_USER_API={{ salt['pillar.get']('', 'false') }} # - PAPERLESS_ENABLE_HTTP_REMOTE_USER_API={{ salt['pillar.get']('', 'false') }}
# - PAPERLESS_SECRET_KEY={{ salt['pillar.get']('paperless:webserver:environment:secret_key', 'change-me') }} # - PAPERLESS_SECRET_KEY={{ salt['pillar.get']('paperless:webserver:environment:secret_key', 'change-me') }}
# - PAPERLESS_URL={{ salt['pillar.get']('paperless:webserver:environment:url', 'https://paperless.flipdot.org') }} # - PAPERLESS_URL={{ salt['pillar.get']('paperless:webserver:environment:url', 'https://paperless.flipdot.org') }}
- PAPERLESS_APPS="allauth.socialaccount.providers.openid_connect"
- PAPERLESS_SOCIALACCOUNT_PROVIDERS='{"openid_connect": {"APPS": [{"provider_id": "keycloak", "name": "Keycloak", "client_id": "paperless", "secret": {{ salt['pillar.get']('paperless:webserver:keycloak:client_secret', '<CLIENT_SECRET>') }}, "settings": {"server_url": {{ salt['pillar.get']('paperless:webserver:keycloak:server_url', 'https://<KEYCLOAK_SERVER>/realms/<REALM>/.well-known/openid-configuration') }} }}]}}'
- restart: always - restart: always
- networks: - networks:
- paperless-network - paperless-network
@ -80,4 +83,4 @@ paperless-docker-container-running:
- /etc/timezone:/etc/timezone:ro - /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro - /etc/localtime:/etc/localtime:ro
- port_bindings: - port_bindings:
- "{{ salt['pillar.get']('paperless:webserver:port', "127.0.0.1:8000") }}:8000" - {{ salt['pillar.get']('paperless:webserver:ip', '127.0.0.1') }}:{{ salt['pillar.get']('paperless:webserver:port', '8000') }}:8000

View file

@ -5,8 +5,9 @@ paperless:
version: 7 version: 7
webserver: webserver:
image: image:
path: github.com/paperless-ngx/paperless-ngx path: ghcr.io/paperless-ngx/paperless-ngx
version: v2.11.6 version: 2.12
ip: 127.0.0.1
port: 8000 port: 8000
environment: environment:
redis: redis://broker:6379 redis: redis://broker:6379
@ -35,6 +36,9 @@ paperless:
# (if doing so please consider security measures such as reverse proxy) # (if doing so please consider security measures such as reverse proxy)
# url=https://paperless.flipdot.org # url=https://paperless.flipdot.org
keycloak:
client_secret: <CLIENT_SECRET>
server_url: https://<KEYCLOAK_SERVER>/realms/<REALM>/.well-known/openid-configuration
gotenberg: gotenberg:
image: image:
path: docker.io/gotenberg/gotenberg path: docker.io/gotenberg/gotenberg