From 0f909336c995351fbd4fe5b871011147feb921e1 Mon Sep 17 00:00:00 2001
From: Trammell Hudson <hudson@trmm.net>
Date: Thu, 5 May 2022 14:35:48 +0000
Subject: [PATCH] hedgedoc: move hard-coded domain name into env.secrets

---
 hedgedoc/docker-compose.yaml | 10 +---------
 hedgedoc/setup               |  9 +++++++++
 2 files changed, 10 insertions(+), 9 deletions(-)

diff --git a/hedgedoc/docker-compose.yaml b/hedgedoc/docker-compose.yaml
index c95012f..48c3e06 100644
--- a/hedgedoc/docker-compose.yaml
+++ b/hedgedoc/docker-compose.yaml
@@ -22,15 +22,7 @@ services:
       - CMD_ALLOW_ANONYMOUS=false  # anonymous user's can't create notes
       - CMD_ALLOW_ANONYMOUS_EDITS=true # but they can be invited to edit notes
       - CMD_EMAIL=false # only oauth logins
-      - CMD_DOMAIN=docs.hackerspace.zone
-      - CMD_OAUTH2_AUTHORIZATION_URL=https://login.hackerspace.zone/realms/hackerspace/protocol/openid-connect/auth
-      - CMD_OAUTH2_TOKEN_URL=https://login.hackerspace.zone/realms/hackerspace/protocol/openid-connect/token
-      - CMD_OAUTH2_USER_PROFILE_URL=https://login.hackerspace.zone/realms/hackerspace/protocol/openid-connect/userinfo
-      - CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR=preferred_username
-      - CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR=name
-      - CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR=email
-      - CMD_OAUTH2_CLIENT_ID=hedgedoc
-      - CMD_OAUTH2_PROVIDERNAME=Keycloak
+      # DOMAIN and OAUTH2 variables are now in env.secret
     volumes:
       - ../data/hedgedoc/uploads:/hedgedoc/public/uploads
     ports:
diff --git a/hedgedoc/setup b/hedgedoc/setup
index b7e4d86..b38face 100755
--- a/hedgedoc/setup
+++ b/hedgedoc/setup
@@ -24,6 +24,15 @@ cat <<EOF > "$SECRETS"
 # DO NOT CHECK IN
 CMD_OAUTH2_CLIENT_SECRET=$CLIENT_SECRET
 CMD_SESSION_SECRET=$SESSION_SECRET
+CMD_DOMAIN=${HEDGEDOC_HOSTNAME}
+CMD_OAUTH2_AUTHORIZATION_URL=https://${KEYCLOAK_HOSTNAME}/realms/${REALM}/protocol/openid-connect/auth
+CMD_OAUTH2_TOKEN_URL=https://${KEYCLOAK_HOSTNAME}/realms/${REALM}/protocol/openid-connect/token
+CMD_OAUTH2_USER_PROFILE_URL=https://${KEYCLOAK_HOSTNAME}/realms/${REALM}/protocol/openid-connect/userinfo
+CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR=preferred_username
+CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR=name
+CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR=email
+CMD_OAUTH2_CLIENT_ID=hedgedoc
+CMD_OAUTH2_PROVIDERNAME=Keycloak
 EOF
 
 ../keycloak/client-delete hedgedoc