
rename oidcEndpoint option to authEndpoint

Pierre Penninckx 2023-11-30 12:48:57 -08:00 committed by GitHub
parent 54ce26efce
commit 0ae7220c06
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
8 changed files with 25 additions and 24 deletions


@ -467,7 +467,7 @@ shb.hledger = {
enable = true; enable = true;
subdomain = "hledger"; subdomain = "hledger";
domain = "example.com"; domain = "example.com";
oidcEndpoint = "https://authelia.example.com"; authEndpoint = "https://authelia.example.com";
localNetworkIPRange = "192.168.1.0/24"; localNetworkIPRange = "192.168.1.0/24";
}; };
shb.backup.instances.hledger = # Same as the examples above shb.backup.instances.hledger = # Same as the examples above
@ -493,7 +493,7 @@ shb.jellyfin = {
ldapHost = "127.0.0.1"; ldapHost = "127.0.0.1";
ldapPort = 3890; ldapPort = 3890;
dcdomain = config.shb.ldap.dcdomain; dcdomain = config.shb.ldap.dcdomain;
oidcEndpoint = "https://${config.shb.authelia.subdomain}.${config.shb.authelia.domain}"; authEndpoint = "https://${config.shb.authelia.subdomain}.${config.shb.authelia.domain}";
oidcClientID = "jellyfin"; oidcClientID = "jellyfin";
oidcUserGroup = "jellyfin_user"; oidcUserGroup = "jellyfin_user";
oidcAdminUserGroup = "jellyfin_admin"; oidcAdminUserGroup = "jellyfin_admin";


@ -19,9 +19,10 @@ let
example = "mydomain.com"; example = "mydomain.com";
}; };
oidcEndpoint = lib.mkOption { authEndpoint = lib.mkOption {
type = lib.types.str; type = lib.types.nullOr lib.types.str;
description = "OIDC endpoint for SSO."; description = "Auth endpoint for SSO.";
default = null;
example = "https://authelia.example.com"; example = "https://authelia.example.com";
}; };
@ -142,8 +143,8 @@ in
# proxy_set_header Cookie $new_cookie; # proxy_set_header Cookie $new_cookie;
auth_request_set $redirect $scheme://$http_host$request_uri; auth_request_set $redirect $scheme://$http_host$request_uri;
error_page 401 =302 ${c.oidcEndpoint}?rd=$redirect; error_page 401 =302 ${c.authEndpoint}?rd=$redirect;
error_page 403 = ${c.oidcEndpoint}/error/403; error_page 403 = ${c.authEndpoint}/error/403;
proxy_pass ${c.upstream}; proxy_pass ${c.upstream};
''; '';
@ -151,7 +152,7 @@ in
# Virtual endpoint created by nginx to forward auth requests. # Virtual endpoint created by nginx to forward auth requests.
locations."/authelia".extraConfig = '' locations."/authelia".extraConfig = ''
internal; internal;
proxy_pass ${c.oidcEndpoint}/api/verify; proxy_pass ${c.authEndpoint}/api/verify;
proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Original-URI $request_uri; proxy_set_header X-Original-URI $request_uri;
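Review bot: `authEndpoint` becomes `lib.types.nullOr lib.types.str` with `default = null`, yet every use visible in this section still interpolates it unconditionally: `error_page 401 =302 ${c.authEndpoint}?rd=$redirect;`, the 403 `error_page`, and `proxy_pass ${c.authEndpoint}/api/verify;`. Nix will not coerce null to a string, so an entry that omits the option aborts evaluation with a generic coercion error that does not name the option; that fails closed, but the type now advertises a value the protected-location template cannot use. Either keep `type = lib.types.str;` with no default, or add a per-entry assertion along the lines of `assertion = c.authEndpoint != null; message = "shb.nginx.autheliaProtect: authEndpoint must be set";`, and state in the description what null is supposed to mean. The `let` and config blocks these hunks belong to start and end outside the lines shown.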


@ -152,7 +152,7 @@ let
default = "/var/lib/${name}"; default = "/var/lib/${name}";
}; };
oidcEndpoint = lib.mkOption { authEndpoint = lib.mkOption {
type = lib.types.nullOr lib.types.str; type = lib.types.nullOr lib.types.str;
default = null; default = null;
description = "Endpoint to the SSO provider. Leave null to not have SSO configured."; description = "Endpoint to the SSO provider. Leave null to not have SSO configured.";
@ -297,8 +297,8 @@ config.xml" templatedSettings) "${config.services.radarr.dataDir}/config.xml" (
let let
c = cfg.${name}; c = cfg.${name};
in in
lib.mkIf (c.oidcEndpoint != null) { lib.mkIf (c.authEndpoint != null) {
inherit (c) subdomain domain oidcEndpoint; inherit (c) subdomain domain authEndpoint;
upstream = "http://127.0.0.1:${toString c.port}"; upstream = "http://127.0.0.1:${toString c.port}";
autheliaRules = [ autheliaRules = [
{ {


@ -57,7 +57,7 @@ in
example = "/srv/torrents"; example = "/srv/torrents";
}; };
oidcEndpoint = lib.mkOption { authEndpoint = lib.mkOption {
type = lib.types.str; type = lib.types.str;
description = "OIDC endpoint for SSO"; description = "OIDC endpoint for SSO";
example = "https://authelia.example.com"; example = "https://authelia.example.com";
@ -172,7 +172,7 @@ in
shb.nginx.autheliaProtect = [ shb.nginx.autheliaProtect = [
{ {
inherit (cfg) subdomain domain oidcEndpoint; inherit (cfg) subdomain domain authEndpoint;
upstream = "http://127.0.0.1:${toString config.services.deluge.web.port}"; upstream = "http://127.0.0.1:${toString config.services.deluge.web.port}";
autheliaRules = [{ autheliaRules = [{
domain = fqdn; domain = fqdn;
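Review bot: The renamed option keeps `description = "OIDC endpoint for SSO";`, so the generated option documentation still calls `authEndpoint` an OIDC endpoint. In this section the value is only passed on through `inherit (cfg) subdomain domain authEndpoint;` to `shb.nginx.autheliaProtect`, which elsewhere in the commit uses it for the `/api/verify` forward-auth request and the 401/403 redirects, so a wording such as `description = "Endpoint of the auth provider used for forward auth and SSO redirects";` would match the new name. The same unchanged description appears in the sections that configure hledger-web, the Jellyfin SSO plugin and vaultwarden.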


@ -34,7 +34,7 @@ in
example = "192.168.1.1/24"; example = "192.168.1.1/24";
}; };
oidcEndpoint = lib.mkOption { authEndpoint = lib.mkOption {
type = lib.types.str; type = lib.types.str;
description = "OIDC endpoint for SSO"; description = "OIDC endpoint for SSO";
example = "https://authelia.example.com"; example = "https://authelia.example.com";
@ -74,7 +74,7 @@ in
shb.nginx.autheliaProtect = [ shb.nginx.autheliaProtect = [
{ {
inherit (cfg) subdomain domain oidcEndpoint; inherit (cfg) subdomain domain authEndpoint;
upstream = "http://${toString config.services.hledger-web.host}:${toString config.services.hledger-web.port}"; upstream = "http://${toString config.services.hledger-web.host}:${toString config.services.hledger-web.port}";
autheliaRules = [{ autheliaRules = [{
domain = fqdn; domain = fqdn;


@ -57,7 +57,7 @@ in
default = "Authelia"; default = "Authelia";
}; };
oidcEndpoint = lib.mkOption { authEndpoint = lib.mkOption {
type = lib.types.str; type = lib.types.str;
description = "OIDC endpoint for SSO"; description = "OIDC endpoint for SSO";
example = "https://authelia.example.com"; example = "https://authelia.example.com";
@ -287,7 +287,7 @@ in
</key> </key>
<value> <value>
<PluginConfiguration> <PluginConfiguration>
<OidEndpoint>${cfg.oidcEndpoint}</OidEndpoint> <OidEndpoint>${cfg.authEndpoint}</OidEndpoint>
<OidClientId>${cfg.oidcClientID}</OidClientId> <OidClientId>${cfg.oidcClientID}</OidClientId>
<OidSecret>%SSO_SECRET%</OidSecret> <OidSecret>%SSO_SECRET%</OidSecret>
<Enabled>true</Enabled> <Enabled>true</Enabled>
@ -324,7 +324,7 @@ in
&lt;a href="https://${cfg.subdomain}.${cfg.domain}/SSOViews/linking" class="raised cancel block emby-button authentik-sso"&gt; &lt;a href="https://${cfg.subdomain}.${cfg.domain}/SSOViews/linking" class="raised cancel block emby-button authentik-sso"&gt;
Link ${cfg.oidcProvider} config&amp;nbsp; Link ${cfg.oidcProvider} config&amp;nbsp;
&lt;/a&gt; &lt;/a&gt;
&lt;a href="${cfg.oidcEndpoint}" class="raised cancel block emby-button authentik-sso"&gt; &lt;a href="${cfg.authEndpoint}" class="raised cancel block emby-button authentik-sso"&gt;
${cfg.oidcProvider} config&amp;nbsp; ${cfg.oidcProvider} config&amp;nbsp;
&lt;/a&gt; &lt;/a&gt;
</LoginDisclaimer> </LoginDisclaimer>
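Review bot: `${cfg.authEndpoint}` is spliced unescaped into XML at `<OidEndpoint>${cfg.authEndpoint}</OidEndpoint>` and into the entity-encoded `href` inside `LoginDisclaimer`, so an endpoint URL containing `&`, `<` or a quote would produce a malformed plugin configuration or login page block. The value comes from the operator's own configuration, so this reads as a robustness gap rather than an injection path. Writing `${lib.escapeXML cfg.authEndpoint}` at the `OidEndpoint` site would let any valid URL through intact; the `href` sits inside markup that is already escaped once and would need the attribute value escaped before that outer encoding. Both templates begin and end outside the hunks shown.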


@ -45,7 +45,7 @@ in
example = "ldap.example.com"; example = "ldap.example.com";
}; };
oidcEndpoint = lib.mkOption { authEndpoint = lib.mkOption {
type = lib.types.str; type = lib.types.str;
description = "OIDC endpoint for SSO"; description = "OIDC endpoint for SSO";
example = "https://authelia.example.com"; example = "https://authelia.example.com";
@ -162,7 +162,7 @@ in
shb.nginx.autheliaProtect = [ shb.nginx.autheliaProtect = [
{ {
inherit (cfg) subdomain domain oidcEndpoint; inherit (cfg) subdomain domain authEndpoint;
upstream = "http://127.0.0.1:${toString config.services.vaultwarden.config.ROCKET_PORT}"; upstream = "http://127.0.0.1:${toString config.services.vaultwarden.config.ROCKET_PORT}";
autheliaRules = [ autheliaRules = [
{ {


@ -84,7 +84,7 @@ in
} }
]; ];
domain = "example.com"; domain = "example.com";
oidcEndpoint = "https://oidc.example.com"; authEndpoint = "https://oidc.example.com";
subdomain = "radarr"; subdomain = "radarr";
upstream = "http://127.0.0.1:7001"; upstream = "http://127.0.0.1:7001";
} }
@ -111,7 +111,7 @@ in
subdomain = "radarr"; subdomain = "radarr";
domain = "example.com"; domain = "example.com";
enable = true; enable = true;
oidcEndpoint = "https://oidc.example.com"; authEndpoint = "https://oidc.example.com";
settings = { settings = {
APIKeyFile = "/run/radarr/apikey"; APIKeyFile = "/run/radarr/apikey";
}; };
@ -158,7 +158,7 @@ in
} }
]; ];
domain = "example.com"; domain = "example.com";
oidcEndpoint = "https://oidc.example.com"; authEndpoint = "https://oidc.example.com";
subdomain = "radarr"; subdomain = "radarr";
upstream = "http://127.0.0.1:7001"; upstream = "http://127.0.0.1:7001";
} }
@ -185,7 +185,7 @@ in
subdomain = "radarr"; subdomain = "radarr";
domain = "example.com"; domain = "example.com";
enable = true; enable = true;
oidcEndpoint = "https://oidc.example.com"; authEndpoint = "https://oidc.example.com";
settings = { settings = {
APIKeyFile = "/run/radarr/apikey"; APIKeyFile = "/run/radarr/apikey";
}; };