Updated discourse.sh with new plus fixes
This commit is contained in:
parent
e2c0a302e2
commit
565accdb22
@ -41,7 +41,7 @@ services:
|
||||
- ./data/discourse/log:/opt/bitnami/discourse/log
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.discourse.rule=Host(\`discourse.$DOMAIN\`) || Host(\`forum.$DOMAIN\`)"
|
||||
- "traefik.http.routers.discourse.rule=Host(\`discourse.$DOMAIN\`, \`forum.$DOMAIN\`)"
|
||||
- "traefik.http.routers.discourse.entrypoints=websecure"
|
||||
- "traefik.http.routers.discourse.tls.certresolver=letsencrypt"
|
||||
logging:
|
||||
@ -158,17 +158,6 @@ start_discourse() {
|
||||
docker exec pdns pdnsutil add-record $DOMAIN forum A 86400 $EXTERNALIP &> /dev/null
|
||||
fi
|
||||
|
||||
docker exec discourse bash -c "cd /opt/bitnami/discourse && RAILS_ENV=production bundle exec rake plugin:install repo=https://github.com/discourse/discourse-openid-connect"
|
||||
docker exec discourse bash -c "cd /opt/bitnami/discourse && RAILS_ENV=production bundle exec rake assets:precompile"
|
||||
docker exec postgresql psql -U discourse -c "insert into site_settings (id, name, data_type, value, created_at, updated_at) VALUES ('31', 'openid_connect_enabled', '5', 't', NOW(), NOW());"
|
||||
docker exec postgresql psql -U discourse -c "insert into site_settings (id, name, data_type, value, created_at, updated_at) VALUES ('32', 'openid_connect_discovery_document', '1', 'https://authelia.$DOMAIN/.well-known/openid-configuration', NOW(), NOW());"
|
||||
docker exec postgresql psql -U discourse -c "insert into site_settings (id, name, data_type, value, created_at, updated_at) VALUES ('33', 'openid_connect_client_id', '1', 'discourse', NOW(), NOW());"
|
||||
docker exec postgresql psql -U discourse -c "insert into site_settings (id, name, data_type, value, created_at, updated_at) VALUES ('34', 'openid_connect_authorize_scope', '1', 'openid email profile', NOW(), NOW());"
|
||||
docker exec postgresql psql -U discourse -c "insert into site_settings (id, name, data_type, value, created_at, updated_at) VALUES ('36', 'openid_connect_client_secret', '1', 'asdfsaf123231x23432432', NOW(), NOW());"
|
||||
|
||||
/federated/bin/stop discourse
|
||||
/federated/bin/start discourse
|
||||
|
||||
echo -ne "done.\n"
|
||||
}
|
||||
email_discourse() {
|
||||
@ -266,3 +255,65 @@ uninstall_discourse() {
|
||||
|
||||
echo -ne "done.\n"
|
||||
}
|
||||
configsso_discourse() {
|
||||
if [[ "${PLUS}" != "true" ]]; then
|
||||
echo -ne "* Configuring discourse container with SSO.."
|
||||
|
||||
[ ! -d "/federated/apps/authelia" ] && failcheck "Authelia is not installed. You need this first before continuing."
|
||||
[ ! -f "/federated/apps/authelia/data/config/idproviders.yml" ] && failcheck "Authelia idproviders.yml is missing."
|
||||
[[ $(grep "### Discourse" /federated/apps/authelia/data/config/idproviders.yml 2>/dev/null) ]] && failcheck "Authelia already has a Discourse configuration."
|
||||
|
||||
DISCOURSE_CLIENT_SECRET=$(create_password);
|
||||
DISCOURSE_CLIENT_SECRET_HASH=$(docker run --rm authelia/authelia:latest authelia crypto hash generate pbkdf2 --password $DISCOURSE_CLIENT_SECRET | awk '{ print $2 }')
|
||||
|
||||
cat >> /federated/apps/authelia/data/config/idproviders.yml <<EOF
|
||||
### Discourse
|
||||
- client_id: 'discourse'
|
||||
client_name: 'Discourse'
|
||||
client_secret: $DISCOURSE_CLIENT_SECRET_HASH
|
||||
consent_mode: 'implicit'
|
||||
public: false
|
||||
authorization_policy: 'one_factor'
|
||||
redirect_uris:
|
||||
- 'https://discourse.$DOMAIN/auth/oidc/callback'
|
||||
scopes:
|
||||
- 'openid'
|
||||
- 'profile'
|
||||
- 'email'
|
||||
- 'groups'
|
||||
userinfo_signed_response_alg: 'none'
|
||||
token_endpoint_auth_method: 'client_secret_basic'
|
||||
EOF
|
||||
|
||||
# Restart Authelia for changes to take the above configuration
|
||||
run_command "/federated/bin/stop authelia"
|
||||
run_command "/federated/bin/start authelia"
|
||||
|
||||
docker exec discourse bash -c "cd /opt/bitnami/discourse && RAILS_ENV=production bundle exec rake plugin:install repo=https://github.com/discourse/discourse-openid-connect"
|
||||
docker exec discourse bash -c "cd /opt/bitnami/discourse && RAILS_ENV=production bundle exec rake assets:precompile"
|
||||
docker exec postgresql psql -U discourse -c "insert into site_settings (id, name, data_type, value, created_at, updated_at) VALUES ('31', 'openid_connect_enabled', '5', 't', NOW(), NOW());"
|
||||
docker exec postgresql psql -U discourse -c "insert into site_settings (id, name, data_type, value, created_at, updated_at) VALUES ('32', 'openid_connect_discovery_document', '1', 'https://authelia.$DOMAIN/.well-known/openid-configuration', NOW(), NOW());"
|
||||
docker exec postgresql psql -U discourse -c "insert into site_settings (id, name, data_type, value, created_at, updated_at) VALUES ('33', 'openid_connect_client_id', '1', 'discourse', NOW(), NOW());"
|
||||
docker exec postgresql psql -U discourse -c "insert into site_settings (id, name, data_type, value, created_at, updated_at) VALUES ('34', 'openid_connect_authorize_scope', '1', 'openid email profile', NOW(), NOW());"
|
||||
docker exec postgresql psql -U discourse -c "insert into site_settings (id, name, data_type, value, created_at, updated_at) VALUES ('36', 'openid_connect_client_secret', '1', '$DISCOURSE_CLIENT_SECRET', NOW(), NOW());"
|
||||
|
||||
/federated/bin/stop discourse
|
||||
/federated/bin/start discourse
|
||||
|
||||
echo -ne "done.\n"
|
||||
fi
|
||||
}
|
||||
configsso_discourse_plus() {
|
||||
DISCOURSE_CLIENT_SECRET=$(cat /federated/apps/discourse/.discourse.client.secret)
|
||||
|
||||
docker exec discourse bash -c "cd /opt/bitnami/discourse && RAILS_ENV=production bundle exec rake plugin:install repo=https://github.com/discourse/discourse-openid-connect"
|
||||
docker exec discourse bash -c "cd /opt/bitnami/discourse && RAILS_ENV=production bundle exec rake assets:precompile"
|
||||
docker exec postgresql psql -U discourse -c "insert into site_settings (id, name, data_type, value, created_at, updated_at) VALUES ('31', 'openid_connect_enabled', '5', 't', NOW(), NOW());"
|
||||
docker exec postgresql psql -U discourse -c "insert into site_settings (id, name, data_type, value, created_at, updated_at) VALUES ('32', 'openid_connect_discovery_document', '1', 'https://authelia.$DOMAIN/.well-known/openid-configuration', NOW(), NOW());"
|
||||
docker exec postgresql psql -U discourse -c "insert into site_settings (id, name, data_type, value, created_at, updated_at) VALUES ('33', 'openid_connect_client_id', '1', 'discourse', NOW(), NOW());"
|
||||
docker exec postgresql psql -U discourse -c "insert into site_settings (id, name, data_type, value, created_at, updated_at) VALUES ('34', 'openid_connect_authorize_scope', '1', 'openid email profile', NOW(), NOW());"
|
||||
docker exec postgresql psql -U discourse -c "insert into site_settings (id, name, data_type, value, created_at, updated_at) VALUES ('36', 'openid_connect_client_secret', '1', '$DISCOURSE_CLIENT_SECRET', NOW(), NOW());"
|
||||
|
||||
/federated/bin/stop discourse
|
||||
/federated/bin/start discourse
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user