author | Lauri Ojansivu <x@xet7.org> | 2019-02-12 03:09:30 +0200 |
---|---|---|
committer | Lauri Ojansivu <x@xet7.org> | 2019-02-12 03:09:30 +0200 |
commit | 59314ab17d65e9579d2f29b32685b7777f2a06a1 (patch) | |
tree | fb789f2737fabe34244227cb8960fa77562c4232 /docker-compose.yml | |
parent | 4de9848e34b0a1771747afdf970e9073c50f3e75 (diff) | |
- Add OIDC claim mapping parameters to docker-compose.yml/Snap/Source.
Thanks to xet7 !
Diffstat (limited to 'docker-compose.yml')
-rw-r--r-- | docker-compose.yml | 102 |
1 files changed, 66 insertions, 36 deletions
diff --git a/docker-compose.yml b/docker-compose.yml
index 2d1757c8..869415a8 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -219,23 +219,19 @@ services:
 - WITH_API=true
 #-----------------------------------------------------------------
 # ==== CORS =====
- # CORS: Set Access-Control-Allow-Origin header. Example: *
+ # CORS: Set Access-Control-Allow-Origin header.
 #- CORS=*
 #-----------------------------------------------------------------
 # ==== MATOMO INTEGRATION ====
 # Optional: Integration with Matomo https://matomo.org that is installed to your server
 # The address of the server where Matomo is hosted.
- # example: - MATOMO_ADDRESS=https://example.com/matomo
- #- MATOMO_ADDRESS=
+ #- MATOMO_ADDRESS=https://example.com/matomo
 # The value of the site ID given in Matomo server for Wekan
- # example: - MATOMO_SITE_ID=12345
- #- MATOMO_SITE_ID=
+ #- MATOMO_SITE_ID=1
 # The option do not track which enables users to not be tracked by matomo
- # example: - MATOMO_DO_NOT_TRACK=false
- #- MATOMO_DO_NOT_TRACK=
+ #- MATOMO_DO_NOT_TRACK=true
 # The option that allows matomo to retrieve the username:
- # example: MATOMO_WITH_USERNAME=true
- #- MATOMO_WITH_USERNAME=false
+ #- MATOMO_WITH_USERNAME=true
 #-----------------------------------------------------------------
 # ==== BROWSER POLICY AND TRUSTED IFRAME URL ====
 # Enable browser policy and allow one trusted URL that can have iframe that has Wekan embedded inside.
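Review bot: The Matomo examples now carry live values instead of empty ones, and `#- MATOMO_WITH_USERNAME=true` flips the previous `false` to a setting that, per the comment above it, lets Matomo retrieve the username, so uncommenting the line as written starts sharing usernames with the analytics server. Consider keeping the privacy-preserving value in the example, `#- MATOMO_WITH_USERNAME=false`, or adding a comment such as `# Sends Wekan usernames to the Matomo server; enable only if that is intended`. The CORS comment also lost its `Example: *` wording while `#- CORS=*` stays as the only sample; a one-line caveat like `# '*' allows any origin; set a specific origin where possible` would help, assuming the variable accepts a specific origin.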
@@ -243,41 +239,75 @@ services:
 # and allows all iframing etc. See wekan/server/policy.js
 - BROWSER_POLICY_ENABLED=true
 # When browser policy is enabled, HTML code at this Trusted URL can have iframe that embeds Wekan inside.
- #- TRUSTED_URL=
+ #- TRUSTED_URL=https://intra.example.com
 #-----------------------------------------------------------------
 # ==== OUTGOING WEBHOOKS ====
 # What to send to Outgoing Webhook, or leave out. Example, that includes all that are default: cardId,listId,oldListId,boardId,comment,user,card,commentId .
- # example: WEBHOOKS_ATTRIBUTES=cardId,listId,oldListId,boardId,comment,user,card,commentId
- #- WEBHOOKS_ATTRIBUTES=
+ #- WEBHOOKS_ATTRIBUTES=cardId,listId,oldListId,boardId,comment,user,card,commentId
 #-----------------------------------------------------------------
- # ==== OAUTH2 ONLY WITH OIDC AND DOORKEEPER AS INDENTITY PROVIDER
+ # ==== Debug OIDC OAuth2 etc ====
+ #- DEBUG=true
+ #-----------------------------------------------------------------
+ # ==== OAUTH2 AZURE ====
+ # https://github.com/wekan/wekan/wiki/Azure
+ # 1) Register the application with Azure. Make sure you capture
+ # the application ID as well as generate a secret key.
+ # 2) Configure the environment variables. This differs slightly
+ # by installation type, but make sure you have the following:
+ #- OAUTH2_ENABLED=true
+ # Application GUID captured during app registration:
+ #- OAUTH2_CLIENT_ID=xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx
+ # Secret key generated during app registration:
+ #- OAUTH2_SECRET=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+ #- OAUTH2_SERVER_URL=https://login.microsoftonline.com/
+ #- OAUTH2_AUTH_ENDPOINT=/oauth2/v2.0/authorize
+ #- OAUTH2_USERINFO_ENDPOINT=https://graph.microsoft.com/oidc/userinfo
+ #- OAUTH2_TOKEN_ENDPOINT=/oauth2/v2.0/token
+ # The claim name you want to map to the unique ID field:
+ #- OAUTH2_ID_MAP=email
+ # The claim name you want to map to the username field:
+ #- OAUTH2_USERNAME_MAP=email
+ # The claim name you want to map to the full name field:
+ #- OAUTH2_FULLNAME_MAP=name
+ # Tthe claim name you want to map to the email field:
+ #- OAUTH2_EMAIL_MAP=email
+ #-----------------------------------------------------------------
+ # ==== OAUTH2 KEYCLOAK ====
+ # https://github.com/wekan/wekan/wiki/Keycloak <== MAPPING INFO, REQUIRED
+ #- OAUTH2_ENABLED=true
+ #- OAUTH2_CLIENT_ID=<Keycloak create Client ID>
+ #- OAUTH2_SERVER_URL=<Keycloak server name>/auth
+ #- OAUTH2_AUTH_ENDPOINT=/realms/<keycloak realm>/protocol/openid-connect/auth
+ #- OAUTH2_USERINFO_ENDPOINT=/realms/<keycloak realm>/protocol/openid-connect/userinfo
+ #- OAUTH2_TOKEN_ENDPOINT=/realms/<keycloak realm>/protocol/openid-connect/token
+ #- OAUTH2_SECRET=<keycloak client secret>
+ #-----------------------------------------------------------------
+ # ==== OAUTH2 DOORKEEPER ====
 # https://github.com/wekan/wekan/issues/1874
 # https://github.com/wekan/wekan/wiki/OAuth2
 # Enable the OAuth2 connection
- # example: OAUTH2_ENABLED=true
- #- OAUTH2_ENABLED=false
+ #- OAUTH2_ENABLED=true
 # OAuth2 docs: https://github.com/wekan/wekan/wiki/OAuth2
- # OAuth2 Client ID, for example from Rocket.Chat. Example: abcde12345
- # example: OAUTH2_CLIENT_ID=abcde12345
- #- OAUTH2_CLIENT_ID=
- # OAuth2 Secret, for example from Rocket.Chat: Example: 54321abcde
- # example: OAUTH2_SECRET=54321abcde
- #- OAUTH2_SECRET=
- # OAuth2 Server URL, for example Rocket.Chat. Example: https://chat.example.com
- # example: OAUTH2_SERVER_URL=https://chat.example.com
- #- OAUTH2_SERVER_URL=
- # OAuth2 Authorization Endpoint. Example: /oauth/authorize
- # example: OAUTH2_AUTH_ENDPOINT=/oauth/authorize
- #- OAUTH2_AUTH_ENDPOINT=
- # OAuth2 Userinfo Endpoint. Example: /oauth/userinfo
- # example: OAUTH2_USERINFO_ENDPOINT=/oauth/userinfo
- #- OAUTH2_USERINFO_ENDPOINT=
- # OAuth2 Token Endpoint. Example: /oauth/token
- # example: OAUTH2_TOKEN_ENDPOINT=/oauth/token
- #- OAUTH2_TOKEN_ENDPOINT=
- #-----------------------------------------------------------------
- # Debug OIDC OAuth2 etc
- #- DEBUG=true
+ # OAuth2 Client ID.
+ #- OAUTH2_CLIENT_ID=abcde12345
+ # OAuth2 Secret.
+ #- OAUTH2_SECRET=54321abcde
+ # OAuth2 Server URL.
+ #- OAUTH2_SERVER_URL=https://chat.example.com
+ # OAuth2 Authorization Endpoint.
+ #- OAUTH2_AUTH_ENDPOINT=/oauth/authorize
+ # OAuth2 Userinfo Endpoint.
+ #- OAUTH2_USERINFO_ENDPOINT=/oauth/userinfo
+ # OAuth2 Token Endpoint.
+ #- OAUTH2_TOKEN_ENDPOINT=/oauth/token
+ # OAuth2 ID Mapping
+ #- OAUTH2_ID_MAP=
+ # OAuth2 Username Mapping
+ #- OAUTH2_USERNAME_MAP=
+ # OAuth2 Fullname Mapping
+ #- OAUTH2_FULLNAME_MAP=
+ # OAuth2 Email Mapping
+ #- OAUTH2_EMAIL_MAP=
 #-----------------------------------------------------------------
 # ==== LDAP ====
 # https://github.com/wekan/wekan/wiki/LDAP |
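Review bot: In the new Azure block, `#- OAUTH2_ID_MAP=email` keys the account's unique ID on the `email` claim, which in Azure AD is mutable and not guaranteed to be verified, so it is a weak basis for account identity. A stable subject identifier is the safer example, e.g. `#- OAUTH2_ID_MAP=sub`, keeping `email` only for `OAUTH2_EMAIL_MAP`; how Wekan consumes the ID map is not visible in this hunk, so confirm against the OIDC login code. The Doorkeeper block leaves the four `*_MAP` values empty without saying what happens when they are unset, and the `OAUTH2_SECRET` samples would benefit from a comment such as `# Do not commit a real secret here; supply it from an env file or secret store`. Minor: `Tthe claim name` should read `The claim name`.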