lumin/homelab
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Enable openid connect for mastodon

Browse source
This commit is contained in:
Ivan R. 2024-10-19 00:11:30 +05:00
parent 4c696bdff2
commit 304b9c3601
Signed by: lumin
GPG key ID: E0937DC7CD6D3817
2 changed files with 12 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
mastodon.yml
View file

@ -12,3 +12,5 @@
active_record_encryption_deterministic_key: "{{ mastodon.active_record_encryption_deterministic_key }}" active_record_encryption_deterministic_key: "{{ mastodon.active_record_encryption_deterministic_key }}"
active_record_encryption_key_derivation_salt: "{{ mastodon.active_record_encryption_key_derivation_salt }}" active_record_encryption_key_derivation_salt: "{{ mastodon.active_record_encryption_key_derivation_salt }}"
active_record_encryption_primary_key: "{{ mastodon.active_record_encryption_primary_key }}" active_record_encryption_primary_key: "{{ mastodon.active_record_encryption_primary_key }}"
oidc_client_id: "oD2Vg5shQju164gYmju8"
oidc_client_secret: "{{ mastodon.oidc_client_secret }}"

10
roles/mastodon/templates/mastodon.env.j2
View file

@ -37,3 +37,13 @@ S3_HOSTNAME={{ s3_hostname }}
ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY={{ active_record_encryption_deterministic_key }} ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY={{ active_record_encryption_deterministic_key }}
ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT={{ active_record_encryption_key_derivation_salt }} ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT={{ active_record_encryption_key_derivation_salt }}
ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY={{ active_record_encryption_primary_key }} ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY={{ active_record_encryption_primary_key }}
OIDC_ENABLED=true
OIDC_DISPLAY_NAME=comfycamp.space
OIDC_ISSUER=https://comfycamp.space
OIDC_DISCOVERY=true
OIDC_SCOPE=openid,profile,email
OIDC_UID_FIELD=preferred_username
OIDC_REDIRECT_URI=https://m.comfycamp.space/auth/auth/openid_connect/callback
OIDC_CLIENT_ID={{ oidc_client_id }}
OIDC_CLIENT_SECRET={{ oidc_client_secret }}