Updated discourse.sh with new plus fixes
parent
e2c0a302e2
commit
565accdb22
@ -41,7 +41,7 @@ services:
|
|||||||
- ./data/discourse/log:/opt/bitnami/discourse/log
|
- ./data/discourse/log:/opt/bitnami/discourse/log
|
||||||
labels:
|
labels:
|
||||||
- "traefik.enable=true"
|
- "traefik.enable=true"
|
||||||
- "traefik.http.routers.discourse.rule=Host(\`discourse.$DOMAIN\`) || Host(\`forum.$DOMAIN\`)"
|
- "traefik.http.routers.discourse.rule=Host(\`discourse.$DOMAIN\`, \`forum.$DOMAIN\`)"
|
||||||
- "traefik.http.routers.discourse.entrypoints=websecure"
|
- "traefik.http.routers.discourse.entrypoints=websecure"
|
||||||
- "traefik.http.routers.discourse.tls.certresolver=letsencrypt"
|
- "traefik.http.routers.discourse.tls.certresolver=letsencrypt"
|
||||||
logging:
|
logging:
|
||||||
@ -158,17 +158,6 @@ start_discourse() {
|
|||||||
docker exec pdns pdnsutil add-record $DOMAIN forum A 86400 $EXTERNALIP &> /dev/null
|
docker exec pdns pdnsutil add-record $DOMAIN forum A 86400 $EXTERNALIP &> /dev/null
|
||||||
fi
|
fi
|
||||||
|
|
||||||
docker exec discourse bash -c "cd /opt/bitnami/discourse && RAILS_ENV=production bundle exec rake plugin:install repo=https://github.com/discourse/discourse-openid-connect"
|
|
||||||
docker exec discourse bash -c "cd /opt/bitnami/discourse && RAILS_ENV=production bundle exec rake assets:precompile"
|
|
||||||
docker exec postgresql psql -U discourse -c "insert into site_settings (id, name, data_type, value, created_at, updated_at) VALUES ('31', 'openid_connect_enabled', '5', 't', NOW(), NOW());"
|
|
||||||
docker exec postgresql psql -U discourse -c "insert into site_settings (id, name, data_type, value, created_at, updated_at) VALUES ('32', 'openid_connect_discovery_document', '1', 'https://authelia.$DOMAIN/.well-known/openid-configuration', NOW(), NOW());"
|
|
||||||
docker exec postgresql psql -U discourse -c "insert into site_settings (id, name, data_type, value, created_at, updated_at) VALUES ('33', 'openid_connect_client_id', '1', 'discourse', NOW(), NOW());"
|
|
||||||
docker exec postgresql psql -U discourse -c "insert into site_settings (id, name, data_type, value, created_at, updated_at) VALUES ('34', 'openid_connect_authorize_scope', '1', 'openid email profile', NOW(), NOW());"
|
|
||||||
docker exec postgresql psql -U discourse -c "insert into site_settings (id, name, data_type, value, created_at, updated_at) VALUES ('36', 'openid_connect_client_secret', '1', 'asdfsaf123231x23432432', NOW(), NOW());"
|
|
||||||
|
|
||||||
/federated/bin/stop discourse
|
|
||||||
/federated/bin/start discourse
|
|
||||||
|
|
||||||
echo -ne "done.\n"
|
echo -ne "done.\n"
|
||||||
}
|
}
|
||||||
email_discourse() {
|
email_discourse() {
|
||||||
@ -266,3 +255,65 @@ uninstall_discourse() {
|
|||||||
|
|
||||||
echo -ne "done.\n"
|
echo -ne "done.\n"
|
||||||
}
|
}
|
||||||
|
configsso_discourse() {
|
||||||
|
if [[ "${PLUS}" != "true" ]]; then
|
||||||
|
echo -ne "* Configuring discourse container with SSO.."
|
||||||
|
|
||||||
|
[ ! -d "/federated/apps/authelia" ] && failcheck "Authelia is not installed. You need this first before continuing."
|
||||||
|
[ ! -f "/federated/apps/authelia/data/config/idproviders.yml" ] && failcheck "Authelia idproviders.yml is missing."
|
||||||
|
[[ $(grep "### Discourse" /federated/apps/authelia/data/config/idproviders.yml 2>/dev/null) ]] && failcheck "Authelia already has a Discourse configuration."
|
||||||
|
|
||||||
|
DISCOURSE_CLIENT_SECRET=$(create_password);
|
||||||
|
DISCOURSE_CLIENT_SECRET_HASH=$(docker run --rm authelia/authelia:latest authelia crypto hash generate pbkdf2 --password $DISCOURSE_CLIENT_SECRET | awk '{ print $2 }')
|
||||||
|
|
||||||
|
cat >> /federated/apps/authelia/data/config/idproviders.yml <<EOF
|
||||||
|
### Discourse
|
||||||
|
- client_id: 'discourse'
|
||||||
|
client_name: 'Discourse'
|
||||||
|
client_secret: $DISCOURSE_CLIENT_SECRET_HASH
|
||||||
|
consent_mode: 'implicit'
|
||||||
|
public: false
|
||||||
|
authorization_policy: 'one_factor'
|
||||||
|
redirect_uris:
|
||||||
|
- 'https://discourse.$DOMAIN/auth/oidc/callback'
|
||||||
|
scopes:
|
||||||
|
- 'openid'
|
||||||
|
- 'profile'
|
||||||
|
- 'email'
|
||||||
|
- 'groups'
|
||||||
|
userinfo_signed_response_alg: 'none'
|
||||||
|
token_endpoint_auth_method: 'client_secret_basic'
|
||||||
|
EOF
|
||||||
|
|
||||||
|
# Restart Authelia for changes to take the above configuration
|
||||||
|
run_command "/federated/bin/stop authelia"
|
||||||
|
run_command "/federated/bin/start authelia"
|
||||||
|
|
||||||
|
docker exec discourse bash -c "cd /opt/bitnami/discourse && RAILS_ENV=production bundle exec rake plugin:install repo=https://github.com/discourse/discourse-openid-connect"
|
||||||
|
docker exec discourse bash -c "cd /opt/bitnami/discourse && RAILS_ENV=production bundle exec rake assets:precompile"
|
||||||
|
docker exec postgresql psql -U discourse -c "insert into site_settings (id, name, data_type, value, created_at, updated_at) VALUES ('31', 'openid_connect_enabled', '5', 't', NOW(), NOW());"
|
||||||
|
docker exec postgresql psql -U discourse -c "insert into site_settings (id, name, data_type, value, created_at, updated_at) VALUES ('32', 'openid_connect_discovery_document', '1', 'https://authelia.$DOMAIN/.well-known/openid-configuration', NOW(), NOW());"
|
||||||
|
docker exec postgresql psql -U discourse -c "insert into site_settings (id, name, data_type, value, created_at, updated_at) VALUES ('33', 'openid_connect_client_id', '1', 'discourse', NOW(), NOW());"
|
||||||
|
docker exec postgresql psql -U discourse -c "insert into site_settings (id, name, data_type, value, created_at, updated_at) VALUES ('34', 'openid_connect_authorize_scope', '1', 'openid email profile', NOW(), NOW());"
|
||||||
|
docker exec postgresql psql -U discourse -c "insert into site_settings (id, name, data_type, value, created_at, updated_at) VALUES ('36', 'openid_connect_client_secret', '1', '$DISCOURSE_CLIENT_SECRET', NOW(), NOW());"
|
||||||
|
|
||||||
|
/federated/bin/stop discourse
|
||||||
|
/federated/bin/start discourse
|
||||||
|
|
||||||
|
echo -ne "done.\n"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
configsso_discourse_plus() {
|
||||||
|
DISCOURSE_CLIENT_SECRET=$(cat /federated/apps/discourse/.discourse.client.secret)
|
||||||
|
|
||||||
|
docker exec discourse bash -c "cd /opt/bitnami/discourse && RAILS_ENV=production bundle exec rake plugin:install repo=https://github.com/discourse/discourse-openid-connect"
|
||||||
|
docker exec discourse bash -c "cd /opt/bitnami/discourse && RAILS_ENV=production bundle exec rake assets:precompile"
|
||||||
|
docker exec postgresql psql -U discourse -c "insert into site_settings (id, name, data_type, value, created_at, updated_at) VALUES ('31', 'openid_connect_enabled', '5', 't', NOW(), NOW());"
|
||||||
|
docker exec postgresql psql -U discourse -c "insert into site_settings (id, name, data_type, value, created_at, updated_at) VALUES ('32', 'openid_connect_discovery_document', '1', 'https://authelia.$DOMAIN/.well-known/openid-configuration', NOW(), NOW());"
|
||||||
|
docker exec postgresql psql -U discourse -c "insert into site_settings (id, name, data_type, value, created_at, updated_at) VALUES ('33', 'openid_connect_client_id', '1', 'discourse', NOW(), NOW());"
|
||||||
|
docker exec postgresql psql -U discourse -c "insert into site_settings (id, name, data_type, value, created_at, updated_at) VALUES ('34', 'openid_connect_authorize_scope', '1', 'openid email profile', NOW(), NOW());"
|
||||||
|
docker exec postgresql psql -U discourse -c "insert into site_settings (id, name, data_type, value, created_at, updated_at) VALUES ('36', 'openid_connect_client_secret', '1', '$DISCOURSE_CLIENT_SECRET', NOW(), NOW());"
|
||||||
|
|
||||||
|
/federated/bin/stop discourse
|
||||||
|
/federated/bin/start discourse
|
||||||
|
}
|
||||||
|
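Review bot: In configsso_discourse_plus the client secret is read with `cat /federated/apps/discourse/.discourse.client.secret` and used unchecked, so a missing or empty file ends with an empty `openid_connect_client_secret` row and a restarted Discourse; a guard such as `[ -s /federated/apps/discourse/.discourse.client.secret ] || failcheck "Discourse client secret file is missing."` before the first `docker exec` would stop that. configsso_discourse has the same gap for the hash: if the `docker run ... authelia crypto hash generate` pipeline fails, an empty `client_secret:` is appended to idproviders.yml and Authelia is restarted on it, so test `[ -n "$DISCOURSE_CLIENT_SECRET_HASH" ]` before the heredoc. In both functions the plaintext secret is placed on a command line (`--password $DISCOURSE_CLIENT_SECRET`, unquoted, and inside the `psql -c` string), where it is visible in the host process list and would break the SQL if create_password can ever emit a quote; quoting the expansion and feeding the statement to `psql` on stdin would narrow that. The hash is produced by `authelia/authelia:latest`, which is an unpinned image, so consider using the same tag the deployed Authelia runs. The secret value deleted from start_discourse remains in the repository history, so installs made with it presumably still need the secret rotated.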