bero/test
1
0
Fork 0
Code Issues 52 Pull Requests 3 Actions Packages Projects Releases Wiki Activity

Added SSO to wordpress.sh

Browse Source
This commit is contained in:
root 2024-08-28 15:32:03 +00:00
parent 891813bbaa
commit c836dda371
1 changed files with 68 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

68
lib/wordpress.sh
View File

@ -32,6 +32,8 @@ services:
- ./.env - ./.env
extra_hosts: extra_hosts:
- "www.$DOMAIN:$EXTERNALIP" - "www.$DOMAIN:$EXTERNALIP"
- "listmonk.$DOMAIN:$EXTERNALIP"
- "authelia.$DOMAIN:$EXTERNALIP"
volumes: volumes:
- ./data/bitnami/wordpress:/bitnami/wordpress - ./data/bitnami/wordpress:/bitnami/wordpress
labels: labels:
@ -188,6 +190,72 @@ uninstall_wordpress() {
# Delete the app directory # Delete the app directory
rm -rf /federated/apps/wordpress rm -rf /federated/apps/wordpress
# Delete the image
docker image rm bitnami/wordpress:$IMAGE_VERSION &> /dev/null
# Delete the DNS record
docker exec pdns pdnsutil delete-rrset $DOMAIN wordpress A
docker exec pdns pdnsutil delete-rrset $DOMAIN www A
# Uninstall the SSO configuration if it exists in authelia (authelia must exist too)
if [[ $(grep "### Wordpress" /federated/apps/authelia/data/config/idproviders.yml 2>/dev/null) ]]; then
sed -i '/### Wordpress/,/### /{/### PowerDNS/!{/### /!d}}' /federated/apps/authelia/data/config/idproviders.yml
sed -i '/### Wordpress/d' /federated/apps/authelia/data/config/idproviders.yml
/federated/bin/stop authelia
/federated/bin/start authelia
fi
kill -9 $SPINPID &> /dev/null kill -9 $SPINPID &> /dev/null
echo -ne "done.\n" echo -ne "done.\n"
} }
configsso_wordpress() {
[ ! -d "/federated/apps/authelia" ] && failcheck "Authelia is not installed. You need this first before continuing."
[ ! -f "/federated/apps/authelia/data/config/idproviders.yml" ] && failcheck "Authelia idproviders.yml is missing."
[[ $(grep "### Wordpress" /federated/apps/authelia/data/config/idproviders.yml 2>/dev/null) ]] && failcheck "Authelia already has a Wordpress configuration."
WORDPRESS_CLIENT_SECRET=$(create_password);
WORDPRESS_CLIENT_SECRET_HASH=$(docker run -it --rm authelia/authelia:latest authelia crypto hash generate pbkdf2 --password $WORDPRESS_CLIENT_SECRET | awk '{ print $2 }')
cat >> /federated/apps/authelia/data/config/idproviders.yml <<EOF
### Wordpress
- client_id: 'wordpress'
client_name: 'WordPress'
client_secret: $WORDPRESS_CLIENT_SECRET_HASH
consent_mode: 'implicit'
public: false
authorization_policy: 'one_factor'
redirect_uris:
- 'https://$DOMAIN/wp-admin/admin-ajax.php?action=openid-connect-authorize'
scopes:
- 'openid'
- 'profile'
- 'email'
- 'groups'
userinfo_signed_response_alg: 'none'
token_endpoint_auth_method: 'client_secret_post'
EOF
# Restart Authelia for changes to take the above configuration
/federated/bin/stop authelia
/federated/bin/start authelia
sed -i "/Add any custom values/a \
define( 'OIDC_CLIENT_ID', 'wordpress' );\n\
define( 'OIDC_CLIENT_SECRET', '$WORDPRESS_CLIENT_SECRET' );\n\
define( 'OIDC_ENDPOINT_LOGIN_URL', 'https://authelia.$DOMAIN/api/oidc/authorization' );\n\
define( 'OIDC_ENDPOINT_USERINFO_URL', 'https://authelia.$DOMAIN/api/oidc/userinfo' );\n\
define( 'OIDC_ENDPOINT_TOKEN_URL', 'https://authelia.$DOMAIN/api/oidc/token' );\n\
define( 'OIDC_ENDPOINT_LOGOUT_URL', 'https://authelia.$DOMAIN/logout' );\n\
define( 'OIDC_CLIENT_SCOPE', 'openid profile email groups' );\n\
define( 'OIDC_LOGIN_TYPE', 'button' );\n\
define( 'OIDC_CREATE_IF_DOES_NOT_EXIST', '1' );\n\
define( 'OIDC_LINK_EXISTING_USERS', '1' );\n\
define( 'OIDC_REDIRECT_USER_BACK', '1' );\n\
define( 'OIDC_REDIRECT_ON_LOGOUT', '1' );\n" /federated/apps/wordpress/data/bitnami/wordpress/wp-config.php
docker exec wordpress wp plugin install daggerhart-openid-connect-generic &> /dev/null
docker exec wordpress wp plugin activate daggerhart-openid-connect-generic &> /dev/null
/federated/bin/stop wordpress
/federated/bin/start wordpress
}