wurzel/fruitbasket
9
1
Fork 0
Code Issues 5 Pull requests Packages Projects Releases Wiki Activity

mediawiki: enable keycloak

Browse source
This commit is contained in:
Rouven Seifert 2024-05-08 11:47:07 +02:00
parent a339235b33
commit 8ea250e387
Signed by: rouven.seifert
GPG key ID: B95E8FE6B11C4D09
2 changed files with 5 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
modules/wiki/fsr.nix
View file

@ -67,7 +67,7 @@ in
$wgPluggableAuth_Config["iFSR Login"] = [ $wgPluggableAuth_Config["iFSR Login"] = [
"plugin" => "OpenIDConnect", "plugin" => "OpenIDConnect",
"data" => [ "data" => [
"providerURL" => "${config.services.portunus.domain}/dex", "providerURL" => "https://sso.ifsr.de/realms/internal",
"clientID" => "wiki", "clientID" => "wiki",
"clientsecret" => file_get_contents('${config.sops.secrets."mediawiki/oidc_secret".path}'), "clientsecret" => file_get_contents('${config.sops.secrets."mediawiki/oidc_secret".path}'),
], ],
@ -94,11 +94,6 @@ in
}; };
}; };
portunus.dex.oidcClients = [{
id = "wiki";
callbackURL = "https://${domain}/Spezial:PluggableAuthLogin";
}];
nginx = { nginx = {
recommendedProxySettings = true; recommendedProxySettings = true;
virtualHosts.${domain} = { virtualHosts.${domain} = {

8
secrets/quitte.yaml
View file

@ -5,7 +5,7 @@ nix-serve:
keycloak: keycloak:
db: ENC[AES256_GCM,data:DVf/pVCHHUed2cQleECk0paBTZ/6Q3NE,iv:j3sWWNL0dqPJBLUx10+jJ7QvdAHvGM55KKDwG2aQEs0=,tag:6VTeE+Prsm+LPemzbEtVYg==,type:str] db: ENC[AES256_GCM,data:DVf/pVCHHUed2cQleECk0paBTZ/6Q3NE,iv:j3sWWNL0dqPJBLUx10+jJ7QvdAHvGM55KKDwG2aQEs0=,tag:6VTeE+Prsm+LPemzbEtVYg==,type:str]
dex: dex:
environment: ENC[AES256_GCM,data:M3fTrCJt8ncFRkZ77QPrDstoU/pO2r8AeYVu+VMWxnHT6VTtqVSQfgfb8LEryjInt8xbsSjGbsMqA4wbIkf8p2P5hvcKeZYSnmR+N3hz/NZamdzW4VqpBah7Yoe7wO0mi5ECDtp6xVZObzaS0E23N79vhXHWR63w4DalLQGNPJQVmgoib0wvGbVoCEIOBGHVb42nuyrtYInOoLYH58NVt/iU8HlKBUXWXtWa7M540RulahRxq44JxR9qg4TqhqlI0HPXJqMGRvHT80sq0fkA+TLi5O//4evKsYDJSajd4dp3QRPc8IpckE/YgIuj+6q3HMll5brOx2UKXu1nNLOoZbmx0XjXwgnh7+mun71dTM3C7DnM+vBYX671dukoeJ3vWTLRJn7bmlFET2NbxK5utGvGTUElzTqoS038GLjlkLOmalD+uEhQ6aoEVo2adNa5anRgwJkVcBxojuCMSLstTY/29lAQhk3ShG9kok6C52Ks1/YQz1rkfdUx3Tb0,iv:beNf5wvPTv7d7IzGZKTlLJUTaeFM43zzoBi8517pC+A=,tag:2kIM93eW8HFLVztzXSyo1w==,type:str] environment: ENC[AES256_GCM,data:cF7LKrMRBn1ZGSgN3mWw6ecZdonoRd2Ac+pIOYJ9KAvsapB4qDA1lJwMeFkZ9eJJLn8wj5k+DUfgfzxB7KPBpUzuMIvvN2mD3mlqrfMhi2yJVW1uwDLwV7urFCw6BZl9hsCGBfQ6/yC0KN8tC2k2K++E6rTZ5DOYRMWFJ5P/33BFqs0KuRA3Zduqf/u6mFyE3IgXukK0bGlMfbEwq46XGF1OQHJnCREMnL+UxM+9ah2ndXjCGHw3MP/BKt3DmJn/FqPywOB7/X/75z/K2o7M10GzoR3C0UPxK9eqiNPtZNCbbEmJ06N6oubxsq3w9HCk6/Dn31QYSpcOp6KJ89DE1DMklrJ8/C35HVnmUm0KILGv1FY8hjx+ZS5TVwW+uR8NEPM83rW4d4cebFf+QIoOUl/YHarSrUp9YfD1YnR3a8kb2Gb1cVkCVUAfuIU=,iv:1SuFyGIbag1q5bdqBdVS1KEuc4WhOaOhAvNll2tk3b8=,tag:Xg+rq+U7+6cfTgLrtRtPeg==,type:str]
portunus: portunus:
admin-password: ENC[AES256_GCM,data:fESE6vrKhtslQO6ZJGv0T9t+leOSrgkY291orkwY+HPnOh26g2PSMX3j,iv:qmbCmjg0WsbOzfv6LsKcY3S1ssVXmaRB3lE6ZWzKSww=,tag:t8cP8XRTtto3EnNLEdz0yw==,type:str] admin-password: ENC[AES256_GCM,data:fESE6vrKhtslQO6ZJGv0T9t+leOSrgkY291orkwY+HPnOh26g2PSMX3j,iv:qmbCmjg0WsbOzfv6LsKcY3S1ssVXmaRB3lE6ZWzKSww=,tag:t8cP8XRTtto3EnNLEdz0yw==,type:str]
search-password: ENC[AES256_GCM,data:xtbWS98IkQbnBu67sN413VNHZLg6eedbStE2uZ2pljS30uoM3coO2d32,iv:lKMTNnQJJfjAG7aX+G0eNnL36Cxmn+cWMRAlTovMJ4Y=,tag:FQGRBqsmY2c9VVIdBvGwCw==,type:str] search-password: ENC[AES256_GCM,data:xtbWS98IkQbnBu67sN413VNHZLg6eedbStE2uZ2pljS30uoM3coO2d32,iv:lKMTNnQJJfjAG7aX+G0eNnL36Cxmn+cWMRAlTovMJ4Y=,tag:FQGRBqsmY2c9VVIdBvGwCw==,type:str]
@ -17,7 +17,7 @@ grafana:
oidc_secret: ENC[AES256_GCM,data:oH+VCL4e4wve6RyVwlTXPSmirbf+STD5FxUj9OjGDLs=,iv:PhVVCy5JyRa+fOrYAsnjDL+97zYASmKcBzB8t9ZVWIU=,tag:JzGO/FeKem4vd7ApvZ2Zcg==,type:str] oidc_secret: ENC[AES256_GCM,data:oH+VCL4e4wve6RyVwlTXPSmirbf+STD5FxUj9OjGDLs=,iv:PhVVCy5JyRa+fOrYAsnjDL+97zYASmKcBzB8t9ZVWIU=,tag:JzGO/FeKem4vd7ApvZ2Zcg==,type:str]
mediawiki: mediawiki:
initial_admin: ENC[AES256_GCM,data:JzW2rgXQHXxj1e3vFhkXVkWSgrA3Y88KWlQ81hqUHw2UvnBH4GWtMXbZ,iv:zqKUyEaIOa/7hpwzjJPwk5gfqbEYJrE7Oc1Zqcqm3vo=,tag:T1gObIGtI4uVdpONvIXofA==,type:str] initial_admin: ENC[AES256_GCM,data:JzW2rgXQHXxj1e3vFhkXVkWSgrA3Y88KWlQ81hqUHw2UvnBH4GWtMXbZ,iv:zqKUyEaIOa/7hpwzjJPwk5gfqbEYJrE7Oc1Zqcqm3vo=,tag:T1gObIGtI4uVdpONvIXofA==,type:str]
oidc_secret: ENC[AES256_GCM,data:xK5XSAwa1NOLx+hQqcgrCdQZ/zXErkRL+UV7HCBqF/0=,iv:Vbdus4jzJPAyG4ymIPVjudeHofyqNpIStecVnbyYA6s=,tag:+8xYpJbWWAbswitDHMGCCA==,type:str] oidc_secret: ENC[AES256_GCM,data:dVycm0FcwfD0xJof58kIOkx77F6dIbpD1EHoF+CKuSM=,iv:zI6mmI4ZO2MJqzi7w+MUSOsiDkubX1GwOYdIRz3TpNo=,tag:A1Qd8ESakLjJki2epj8+Vg==,type:str]
mautrix-telegram_env: ENC[AES256_GCM,data:FyMtJChtir8Ip8S7zlBSvKccjt+7Hl0StHzxmKO7VdwNNA650HHfni9o7akIY52+r86tvP3D/bqHaBZqkq61ZNICnFJuYIkROvt1035uej1cdjlHeCrZBttI2w3ZkkKT/RZq5BOLt52o/fnw5Jlt+3yr6Kzd5mvcz6a2e5V96kFjaib6mMdg/Y6axiXvOSeFOHCjs6Js+ab7MDe90KUM3aLtBezXx9YTeU7RiqEiZl21dxzPIwilj8bhEB0RRIb1,iv:1ojF2NyQfaZbKwlHQND7LEOLWT1SWCpGPQTm2+0Y+xo=,tag:RavBAv49Ldm4rH+2DDGstQ==,type:str] mautrix-telegram_env: ENC[AES256_GCM,data:FyMtJChtir8Ip8S7zlBSvKccjt+7Hl0StHzxmKO7VdwNNA650HHfni9o7akIY52+r86tvP3D/bqHaBZqkq61ZNICnFJuYIkROvt1035uej1cdjlHeCrZBttI2w3ZkkKT/RZq5BOLt52o/fnw5Jlt+3yr6Kzd5mvcz6a2e5V96kFjaib6mMdg/Y6axiXvOSeFOHCjs6Js+ab7MDe90KUM3aLtBezXx9YTeU7RiqEiZl21dxzPIwilj8bhEB0RRIb1,iv:1ojF2NyQfaZbKwlHQND7LEOLWT1SWCpGPQTm2+0Y+xo=,tag:RavBAv49Ldm4rH+2DDGstQ==,type:str]
postfix_ldap_aliases: ENC[AES256_GCM,data:beJTXpJYlAz4vyv2rAyuMtU2gkwf4JNnsFAG0oKLWuKQZnX/EyqyGTFK7hOs12qye26H9Ysl5vP12iDyVXU4cyYmBOMSOiIS4opPVs7yjp/FH0u6DXHExzd8qs5vwa+D+c9j05kLVZ85EGneDma4ITNBjo/JMjyXCHB0e8EZTFyfR8+fq+qvuyOUmLBfJSO5BK96u370DJ7EmIPLDiCUSO2MCD86yfFEq5J++ljeuKLxUtisqFWDPNeNq3YGjz0EHUgcqqDwzLwEEXyvn5FEI00nR0qBgSBTSWRDrndo5O2k3JMfZWW9UhXXS4kPwCYEkQSM240cwLNV/Rb9XceH2wxzL8PcfTNiy2vd,iv:lb9u3ryu1+G95OIizX17ft+fGK2CA2xt9DhYhtKda1c=,tag:CsS2Q32AgAyS5eZ7Z/Kf8g==,type:str] postfix_ldap_aliases: ENC[AES256_GCM,data:beJTXpJYlAz4vyv2rAyuMtU2gkwf4JNnsFAG0oKLWuKQZnX/EyqyGTFK7hOs12qye26H9Ysl5vP12iDyVXU4cyYmBOMSOiIS4opPVs7yjp/FH0u6DXHExzd8qs5vwa+D+c9j05kLVZ85EGneDma4ITNBjo/JMjyXCHB0e8EZTFyfR8+fq+qvuyOUmLBfJSO5BK96u370DJ7EmIPLDiCUSO2MCD86yfFEq5J++ljeuKLxUtisqFWDPNeNq3YGjz0EHUgcqqDwzLwEEXyvn5FEI00nR0qBgSBTSWRDrndo5O2k3JMfZWW9UhXXS4kPwCYEkQSM240cwLNV/Rb9XceH2wxzL8PcfTNiy2vd,iv:lb9u3ryu1+G95OIizX17ft+fGK2CA2xt9DhYhtKda1c=,tag:CsS2Q32AgAyS5eZ7Z/Kf8g==,type:str]
vaultwarden_env: ENC[AES256_GCM,data:JFySiTHahlUFsM+FcuSJPnGYMijphrnZpFFdoNe7DYxWjIgPRWdfH9WC/a5GsK2xCJXllXAASHNxgkYRrdPw2KaCiUR/QhAjtUmyv2NsIBcMYStafDUEK9emddR+ACedScsgS0FtP8f3cz1enTBi+DkYgL8lMAoCw5p8vMRyE9mVOLpTUDOO7T4=,iv:992REuXzHAxxhy2BbeCGNhTZkn8eSi8N2RyBXqqy7U0=,tag:iP5AFQqzoR66AkTGfYAUZg==,type:str] vaultwarden_env: ENC[AES256_GCM,data:JFySiTHahlUFsM+FcuSJPnGYMijphrnZpFFdoNe7DYxWjIgPRWdfH9WC/a5GsK2xCJXllXAASHNxgkYRrdPw2KaCiUR/QhAjtUmyv2NsIBcMYStafDUEK9emddR+ACedScsgS0FtP8f3cz1enTBi+DkYgL8lMAoCw5p8vMRyE9mVOLpTUDOO7T4=,iv:992REuXzHAxxhy2BbeCGNhTZkn8eSi8N2RyBXqqy7U0=,tag:iP5AFQqzoR66AkTGfYAUZg==,type:str]
@ -52,8 +52,8 @@ sops:
c2lzVGV6WnVQT1pOTTVwRUxlMWZobWsK0CrDl2ELoYOTrMt3uN3mgBSyaYqOQY4I c2lzVGV6WnVQT1pOTTVwRUxlMWZobWsK0CrDl2ELoYOTrMt3uN3mgBSyaYqOQY4I
vBK12PV9FR9GFpKN4kGB03PZ0gV0N1zlcCHpnPCUuHwbCvvF2+vCag== vBK12PV9FR9GFpKN4kGB03PZ0gV0N1zlcCHpnPCUuHwbCvvF2+vCag==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2024-05-07T22:01:28Z" lastmodified: "2024-05-08T09:47:03Z"
mac: ENC[AES256_GCM,data:zL8TYp7ivjwjMpjC8FizCxq/OmdiD1hcKn8dnrrx/Lm07e/cjBf6MweJWBYLKwpigMOPeY7CvmCBW8EXvVao38n0zzNIoj1zFZRhnaxDoa961OkJ2WHduM9DCwvSN03wL8lOhT8dgBjsjR3Jzennfx5Mn2Q5cosfBBDWpaLl9sY=,iv:K5OKJSoXagU5CIzvJ37ikj3haTjMtQG0LBTCXqH4FYc=,tag:1n/MHnQCBlOIjNAXQJGanw==,type:str] mac: ENC[AES256_GCM,data:G5aVpO+IYdJH7i4RJWS/2Etb52iC0mj9EpTIsIys8LBrCd5x8aEh/ugDaO9J3ksZb92qBjr/mX84XGJJPdM3ZRoD6q1ECmz7/wtWQTibodzKPXK4xdnB/IfAWYSvxpwedvlt655qeJ0wYFj5iWC1hAGhm5XHsExE/C/U7VKBMVg=,iv:B07ncx34lrhaIN/1fseuJOBjYDXIeIvUQKgdqhxIkj8=,tag:dFMGZS/uxQ8s9+9KDrhjmQ==,type:str]
pgp: pgp:
- created_at: "2024-02-29T15:23:23Z" - created_at: "2024-02-29T15:23:23Z"
enc: |- enc: |-