bero/test
1
0
Fork 0
Code Issues 52 Pull Requests 3 Actions Packages Projects Releases Wiki Activity

Added SSO config to gitea.sh

Browse Source
This commit is contained in:
root 2024-10-04 12:24:44 +00:00
parent 2f969592bd
commit 03de03cd21
1 changed files with 15 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
lib/gitea.sh
View File

@ -302,6 +302,7 @@ configsso_gitea() {
[ ! -d "/federated/apps/authelia" ] && failcheck "Authelia is not installed. You need this first before continuing."
[ ! -f "/federated/apps/authelia/data/config/idproviders.yml" ] && failcheck "Authelia idproviders.yml is missing."
[[ $(grep "### Gitea" /federated/apps/authelia/data/config/idproviders.yml 2>/dev/null) ]] && failcheck "Authelia already has a Gitea configuration."
get_appvars
GITEA_CLIENT_SECRET=$(create_password);
GITEA_CLIENT_SECRET_HASH=$(docker run -it --rm authelia/authelia:latest authelia crypto hash generate pbkdf2 --password $GITEA_CLIENT_SECRET | awk '{ print $2 }')
@ -328,12 +329,22 @@ EOF
/federated/bin/stop authelia
/federated/bin/start authelia
docker exec --user 1000 gitea gitea admin auth add-oauth --name "Authelia" --provider "openidConnect" --key "gitea" --secret "$GITEA_CLIENT_SECRET" --auto-discover-url "https://authelia.$DOMAIN/.well-known/openid-configuration" --skip-local-2fa "true" --scopes "email profile" --group-claim-name "groups" --admin-group "admin" --restricted-group "guest"
docker exec --user 1000 gitea gitea admin auth add-oauth --name "Authelia" --provider "openidConnect" --key "gitea" --secret "$GITEA_CLIENT_SECRET" --auto-discover-url "https://authelia.$DOMAIN/.well-known/openid-configuration" --skip-local-2fa "true" --scopes "openid email profile" --group-claim-name "groups" --admin-group "admin" --restricted-group "guest"
# Add in extra hosts config
add_authelia_config_to_dockercompose "$APP"
sed -i "s/GITEA__service__DISABLE_REGISTRATION=.*/GITEA__service__DISABLE_REGISTRATION=false/g" /federated/apps/gitea/.env
cat >> /federated/apps/gitea/.env <<EOF
GITEA__oauth2_client__ENABLE_AUTO_REGISTRATION=true
GITEA__openid__ENABLE_OPENID_SIGNIN=false
GITEA__openid__ENABLE_OPENID_SIGNUP=true
GITEA__openid__WHITELISTED_URIS=$DOMAIN
GITEA__service__ALLOW_ONLY_EXTERNAL_REGISTRATION=true
GITEA__service__SHOW_REGISTRATION_BUTTON=false
GITEA__oauth2_client__USERNAME=email
GITEA__oauth2_client__ACCOUNT_LINKING=auto
GITEA__oauth2_client__ACCOUNT_LINKING=login
GITEA__oauth2_client__OPENID_CONNECT_SCOPES="openid profile email"
EOF
/federated/bin/stop gitea