parent
6d3cf7a4d6
commit
84edb86a34
@ -1,9 +1,9 @@ |
|||||||
# gitea |
# gitea |
||||||
|
|
||||||
OpenID setup doesn't work out of the box. The open id provider must be configured: |
After the `setup` script has run, the website *still* requires a click to finish the installation. |
||||||
|
Once that is done it will break since the OpenID login has not yet been configured. Run this to |
||||||
|
fix it. |
||||||
|
|
||||||
* Authentication name: `keycloak` |
``` |
||||||
* OAuth2 Provider: `OpenID Connect` |
./add-auth |
||||||
* Client key: `gitea` |
``` |
||||||
* Client secret: (copy from `../data/gitea/env.secrets`) |
|
||||||
* Discovery URL: https://login.hackerspace.zone/realms/hackerspace/.well-known/openid-configuration |
|
||||||
|
@ -0,0 +1,66 @@ |
|||||||
|
#!/bin/bash |
||||||
|
# run this *after* initializing the database by clicking on the ok |
||||||
|
# issue filed https://github.com/go-gitea/gitea/issues/19616 |
||||||
|
source ../env.production |
||||||
|
source ./env.production |
||||||
|
source ../data/gitea/env.secrets |
||||||
|
|
||||||
|
|
||||||
|
true || curl "https://${GITEA_HOSTNAME}/" \ |
||||||
|
-v \ |
||||||
|
-X POST \ |
||||||
|
-H 'Origin: null' \ |
||||||
|
-H 'Connection: keep-alive' \ |
||||||
|
-H 'Upgrade-Insecure-Requests: 1' \ |
||||||
|
-H 'Sec-Fetch-Dest: document' \ |
||||||
|
-H 'Sec-Fetch-Mode: navigate' \ |
||||||
|
-H 'Sec-Fetch-Site: same-origin' \ |
||||||
|
-H 'Sec-Fetch-User: ?1' \ |
||||||
|
-H 'TE: trailers' \ |
||||||
|
-H 'Cookie: i_like_gitea=ac81483e536b3641' \ |
||||||
|
-F "db_type=postgres" \ |
||||||
|
-F "db_host=db:5432" \ |
||||||
|
-F "db_user=gitea" \ |
||||||
|
-F "db_passwd=gitea" \ |
||||||
|
-F "db_name=gitea" \ |
||||||
|
-F "ssl_mode=disable" \ |
||||||
|
-F "db_schema=" \ |
||||||
|
-F "charset=utf8" \ |
||||||
|
-F "db_path=/data/gitea/gitea.db" \ |
||||||
|
-F "app_name=${REALM} Gitea" \ |
||||||
|
-F "repo_root_path=/data/git/repositories" \ |
||||||
|
-F "lfs_root_path=/data/git/lfs" \ |
||||||
|
-F "run_user=git" \ |
||||||
|
-F "domain=${GITEA_HOSTNAME}" \ |
||||||
|
-F "ssh_port=22" \ |
||||||
|
-F "http_port=3000" \ |
||||||
|
-F "app_url=https://${GITEA_HOSTNAME}/" \ |
||||||
|
-F "log_root_path=/data/gitea/log" \ |
||||||
|
-F "smtp_host=" \ |
||||||
|
-F "smtp_from=" \ |
||||||
|
-F "smtp_user=" \ |
||||||
|
-F "smtp_passwd=" \ |
||||||
|
-F "enable_federated_avatar=on" \ |
||||||
|
-F "enable_open_id_sign_in=on" \ |
||||||
|
-F "allow_only_external_registration=on" \ |
||||||
|
-F "default_allow_create_organization=on" \ |
||||||
|
-F "default_enable_timetracking=on" \ |
||||||
|
-F "no_reply_address=noreply.${GITEA_HOSTNAME}" \ |
||||||
|
-F "password_algorithm=pbkdf2" \ |
||||||
|
-F "admin_name=root" \ |
||||||
|
-F "admin_passwd=${GITEA_ADMIN_PASSWORD}" \ |
||||||
|
-F "admin_confirm_passwd=${GITEA_ADMIN_PASSWORD}" \ |
||||||
|
-F "admin_email=" \ |
||||||
|
|| die "unable to initiate install" |
||||||
|
|
||||||
|
|
||||||
|
docker-compose exec -u git gitea \ |
||||||
|
gitea admin auth add-oauth \ |
||||||
|
--name "keycloak" \ |
||||||
|
--provider "openidConnect" \ |
||||||
|
--key "gitea" \ |
||||||
|
--secret "$GITEA_CLIENT_SECRET" \ |
||||||
|
--auto-discover-url "https://${KEYCLOAK_HOSTNAME}/realms/${REALM}/.well-known/openid-configuration" \ |
||||||
|
--group-claim-name "groups" \ |
||||||
|
--admin-group "admin" \ |
||||||
|
|| die "unable to add oauth interface" |
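Review bot: Nothing checks that the three `source` lines succeeded or that `GITEA_CLIENT_SECRET`, `KEYCLOAK_HOSTNAME` and `REALM` are set before `gitea admin auth add-oauth` runs, so a missing `../data/gitea/env.secrets` would pass an empty `--secret` and a broken discovery URL instead of stopping. I would add `set -euo pipefail` under the shebang and a guard such as `: "${GITEA_CLIENT_SECRET:?not set}"` (likewise for the other two) before the `docker-compose exec` call. `die` is not defined in the lines shown; unless one of the sourced files provides it, the failure path only reports "command not found", so define it here, e.g. `die() { printf '%s\n' "$*" >&2; exit 1; }`. The `true || curl …` block never runs, yet it commits a captured `i_like_gitea` cookie value and would put `GITEA_ADMIN_PASSWORD` on the curl command line if re-enabled, so it is better deleted or reduced to a comment pointing at the linked issue. `--secret "$GITEA_CLIENT_SECRET"` is also visible in the process list while the command runs, which deserves a short comment.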