forked from DGNum/infrastructure
chore(kanidm): Update origin uris, oauth2 endpoints and switch to 1.4
This commit is contained in:
parent
8c8093b778
commit
200104bf84
7 changed files with 65 additions and 57 deletions
|
@ -18,9 +18,9 @@ in
|
|||
|
||||
settings = {
|
||||
"auth.generic_oauth" = {
|
||||
api_url = "https://sso.dgnum.eu/oauth2/openid/grafana_dgn/userinfo";
|
||||
api_url = "https://sso.dgnum.eu/oauth2/openid/dgn_grafana/userinfo";
|
||||
auth_url = "https://sso.dgnum.eu/ui/oauth2";
|
||||
client_id = "grafana_dgn";
|
||||
client_id = "dgn_grafana";
|
||||
client_secret = file "oauth_client_secret";
|
||||
enabled = true;
|
||||
id_token_attribute_name = "sub";
|
||||
|
|
|
@ -49,7 +49,7 @@ in
|
|||
services.kanidm = {
|
||||
enableServer = true;
|
||||
|
||||
package = pkgs.kanidm_1_3;
|
||||
package = pkgs.kanidm_1_4;
|
||||
|
||||
serverSettings = {
|
||||
inherit domain;
|
||||
|
@ -96,7 +96,7 @@ in
|
|||
dgn_grafana = {
|
||||
displayName = "Grafana [Analysis]";
|
||||
originLanding = "https://grafana.dgnum.eu";
|
||||
originUrl = "https://grafana.dgnum.eu/";
|
||||
originUrl = "https://grafana.dgnum.eu/login/generic_oauth";
|
||||
preferShortUsername = true;
|
||||
|
||||
scopeMaps.grp_active = [
|
||||
|
@ -111,7 +111,7 @@ in
|
|||
displayName = "LibreNMS [Network]";
|
||||
enableLegacyCrypto = true;
|
||||
originLanding = "https://nms.dgnum.eu";
|
||||
originUrl = "https://nms.dgnum.eu/";
|
||||
originUrl = "https://nms.dgnum.eu/auth/kanidm/callback";
|
||||
preferShortUsername = true;
|
||||
|
||||
scopeMaps.grp_active = [
|
||||
|
@ -125,7 +125,7 @@ in
|
|||
displayName = "Netbird [VPN]";
|
||||
enableLocalhostRedirects = true;
|
||||
originLanding = "https://netbird.dgnum.eu";
|
||||
originUrl = "https://netbird.dgnum.eu/";
|
||||
originUrl = "https://netbird.dgnum.eu/index";
|
||||
preferShortUsername = true;
|
||||
public = true;
|
||||
|
||||
|
@ -141,7 +141,7 @@ in
|
|||
displayName = "Netbox [Inventory]";
|
||||
enableLegacyCrypto = true;
|
||||
originLanding = "https://netbox.dgnum.eu";
|
||||
originUrl = "https://netbox.dgnum.eu/";
|
||||
originUrl = "https://netbox.dgnum.eu/oauth/complete/oidc/";
|
||||
preferShortUsername = true;
|
||||
|
||||
scopeMaps.grp_active = [
|
||||
|
@ -153,9 +153,10 @@ in
|
|||
|
||||
dgn_outline = {
|
||||
displayName = "Outline [Docs]";
|
||||
originUrl = "https://docs.dgnum.eu/";
|
||||
originUrl = "https://docs.dgnum.eu/auth/oidc.callback";
|
||||
originLanding = "https://docs.dgnum.eu";
|
||||
preferShortUsername = true;
|
||||
allowInsecureClientDisablePkce = true;
|
||||
|
||||
scopeMaps.grp_active = [
|
||||
"openid"
|
||||
|
|
|
@ -28,10 +28,10 @@ in
|
|||
publicUrl = "https://${host}";
|
||||
|
||||
oidcAuthentication = {
|
||||
clientId = "outline_dgn";
|
||||
clientId = "dgn_outline";
|
||||
authUrl = "https://sso.dgnum.eu/ui/oauth2";
|
||||
tokenUrl = "https://sso.dgnum.eu/oauth2/token";
|
||||
userinfoUrl = "https://sso.dgnum.eu/oauth2/openid/outline_dgn/userinfo";
|
||||
userinfoUrl = "https://sso.dgnum.eu/oauth2/openid/dgn_outline/userinfo";
|
||||
displayName = "DGNum SSO";
|
||||
|
||||
clientSecretFile = config.age.secrets."outline-oidc_client_secret_file".path;
|
||||
|
|
|
@ -1,24 +1,28 @@
|
|||
age-encryption.org/v1
|
||||
-> ssh-ed25519 tDqJRg ukyCbDqq1/18sjxWxyCCwYgYDavNcRq5cBvpZoqSKVQ
|
||||
2lmz4ONDnXiW0+FqLwi4OVOClm96YU6NUMxeLcwyqhI
|
||||
-> ssh-ed25519 jIXfPA MNspuPXKkP/fUp3qoPDmew+htam1l8JczSCCZFil6zE
|
||||
1ugIhchyaumzv/izKFq1dCer6QPfLt6Fv2rIiU6rzGs
|
||||
-> ssh-ed25519 QlRB9Q teomppq6nVFhnQFELI/sQNCRuMGNs2Tu6AY/PMWAzzI
|
||||
LDLn1CsC9xqBBszdp4TZV/uCaYHBb65HS5eoG2+vfzU
|
||||
-> ssh-ed25519 r+nK/Q GK/IVVvWVNjq1Fa8DKvljC1pD4OUz3MsM+VjROVYfSA
|
||||
jJ2vK3HFkOGzrxvQJg6PayrEhOPVyvAZS29IEfKRbhs
|
||||
-> ssh-ed25519 jIXfPA jjStc+COqzn2fkEU5y9p+h3KPL7ip0Sk7wwdjGME5Ag
|
||||
2eYwXQs/IbgzeEP1vFy9OLOhPVnyq4cki7voHSXKomQ
|
||||
-> ssh-ed25519 QlRB9Q rqJ1GzzA5IMgZoQD/u35k/qVr1GEbicWGCpDwzbSoRQ
|
||||
cqGLtH53VWP5Z21pjllWRGRO2PkMSOQftF/WHAldW0Q
|
||||
-> ssh-ed25519 r+nK/Q oPY6OIrUHYr3NSOes0KGNBjZJse4bNso3nGoKfqdOgw
|
||||
8CJeNP6AdhUTWFTiYpswsottSI1C25RGOMaxHsnAeNc
|
||||
-> ssh-rsa krWCLQ
|
||||
XywRp0R34ulA6AhRloj+OonbP3ZmvWvnxko+KSBNZHUEO3P84N/UTSJLhTJrJHps
|
||||
uYWhOO1VXMdOmu8+s2ymvsFFHZlQ1Ngr28/8Cb4InYbOcjc1jGsA/laSFelGG/qZ
|
||||
CxoSw59oga+wssAf7NRVDY0GLtZIhdACnlfCodBnwGgr7MrO/jtv6wUcNtTQwqyg
|
||||
k6JvmeXVO54sAbcICfDNHiWLejOA9B1tQ4biAtNZrw2BRh1siXVcjtrlkjdfqsc4
|
||||
4R/EDAYLHIMBnG/6Qpp5H3vPEEdwtaU2Tcd5RZHxWR+8ZjFFhLsZaGQZ5GxzlVOW
|
||||
qd63AwlEvNGOSIMXBqc+tQ
|
||||
-> ssh-ed25519 /vwQcQ Qm4OViiUxA0eIAiP+tPi+q9Uw+dluFKGi4J35q6dr3A
|
||||
Byx5ohtc05YfpZhcZew6P7g90KEMammQ0KgvtRGAhBk
|
||||
-> ssh-ed25519 0R97PA YKE87fWy7Gix4dk+YOqTkMMFyG1mTVjroO/I6rHtLXQ
|
||||
o9O664qMLUIEwxti17O4VByFCMmOZ4vTtPH5qNscGnU
|
||||
-> ssh-ed25519 JGx7Ng NfuL52cirg0LkXcoF3a0GYJx82Bt50YS9cpEnDH27T8
|
||||
OdqOs4ViSnW1fWZ5GLro4Z5afqmnGya6TsoKr3aZs0w
|
||||
--- oqm2jb9ZHSHAhbxUYWDxQW/FaPwiq3iFr6RIX1nHCYo
|
||||
ì©šÎj½ó˪f¾©Fyz#ö뤄å…ùÕâ íz‰z¥}´ýÂø9(!SÂöÛ<C3B6>$³
¸ûz2kªÈCæ<43>¦J¬T…Ÿ”þG<C3BE>‚€³“Z_àÑ
|
||||
BseveWlNY2C1A37CKs6rUBmJWDeYwr4JE6fGtjtvJG6oVaanIQqpAA0PkML1IG1V
|
||||
tTimA7j4L8RT01UmHdpcWQUdR2ZjGBznFCfT46yW2/W/uCxrtHdRJKFur8ZZVfqg
|
||||
3NNHTe87liDf9L1izNAhcMOWlSWXsDbj/xUYw07yopXoH9lA9bmbDytZp5oxrN5v
|
||||
JLlWjfoiKu92RAUxobfqra2TUFM98ljAX0U2jv+Vadyz2HiDV0WRl3rsymlDNyQp
|
||||
rWZRfNKmM4VVrBTB6raatgfdYaj9m3xN9x6xyTfz1Jw1etClrnvdTJOyROxR10B8
|
||||
qJ10Vvy1cu1Yt3aTzmBSpQ
|
||||
-> ssh-ed25519 /vwQcQ lBUUIhJo1cwZJAD8yEkPEjc3Wm5laQ4+oL47g0UUzDI
|
||||
oDMv1BAaAuoWL/lWb08l7sfz7Hjt7syFGxKlJ90IWx4
|
||||
-> ssh-ed25519 0R97PA oJ/bnbgfrfnozCOWyhPGrdhDD1N2VFVOhN56py0Lvic
|
||||
3MFXDBDOASpUqg9ZkBCQDc7oCaJSyc77cEHYZ41O8Fk
|
||||
-> ssh-ed25519 JGx7Ng lnd0RjCT6leBvk4uLXYWt+BeqstIycHYtWkbEhUqPjI
|
||||
i9IVIwDe80nRV8jk3YLqyqDXzatC0PwGM6yMmZT8DeA
|
||||
-> ssh-ed25519 bUjjig MFRe8FP5AQPHAUfLr3VLNAqEnnYI8wThQbFunl8fuj0
|
||||
U5//sg3BRjSvp4NbH9RqD9vugee3cEnNDRuKLaf506I
|
||||
-> ssh-ed25519 tDqJRg txHQKcCUKCAxc0/ZYL1IqeXfbjlGz74ccKZ7kj2bVSw
|
||||
4YzZQw7PyPGBoWw6GuBsdQo3p3f+XEbOdpGCXfOeHic
|
||||
-> IOpsGs-grease
|
||||
JFzNAbIaA7nJkfBBACoJDaQsVCo5TmArRwHtu5W91+YxSoyj22D0
|
||||
--- K4Uw4L8YfGsdUQfdxwm1zxkABRBBjORNIDoHv+sjosI
|
||||
@Ð,Â!!§øäç›?K¬Õ§!ò%™ô B¨åö¦*vßc?â:;ð 6¾’ãÎ{?.½EØ,þ˜;%Ä0iq^t‚l¨l=±Ž6.xvü\<5C>
|
Binary file not shown.
|
@ -1,27 +1,30 @@
|
|||
age-encryption.org/v1
|
||||
-> ssh-ed25519 tDqJRg X/tRIl6TzF09a1Tvr8vP3SocmlfwKg307he8LP3Q5mo
|
||||
hWjX3AUbREbQR+uCiW8Nsj5nCwYQYy1KV/41sbxBFo4
|
||||
-> ssh-ed25519 jIXfPA 6EOXJfa+aY4JjOb0SO2k+s6xnNjtm/o8au6lbN1UfxA
|
||||
dVsgH99btiE+pl7Q4uiOcYDTwtv6X0jgjYXoFFd+tPs
|
||||
-> ssh-ed25519 QlRB9Q 4Hje1HQL+Zjm9+BGDQvb83KaizOjfKTwjiq1SJlXvA0
|
||||
w2rMGVcZcS2aLNYxHZIJZF/j50CQm8UCmq89W9K7Q14
|
||||
-> ssh-ed25519 r+nK/Q aPQh4X7xZnTbrkxIaAwUbaS7NnbHMY+Q31E0x7AvwSo
|
||||
rnMus4wPVugzscVNPO33rNgboN7I42tdz4dikVOvWIw
|
||||
-> ssh-ed25519 jIXfPA ffhnaA8PokIDyboOZVSebOxvu46CSvl3Sk6NEqXDlgo
|
||||
MTEYDDnKBVnGyMvQFLBVAedmEfdv90Lh7fFt8G4ogSg
|
||||
-> ssh-ed25519 QlRB9Q U9driMnVrc6FvJkIg0FGfCqjftbw4OozLMH3hNSeOns
|
||||
/2/Ripvin97IDSSpOkWiOrmMt1/WnsKDZQ9jvPpn2OA
|
||||
-> ssh-ed25519 r+nK/Q TabwYz+Z7Hr/TflaeYFT+svW+AGkTYRqDPN0iRrPmzc
|
||||
mi9r46HFwSjqPrW3x4Ik2Xerd80KjYuHaqy4wkLOgAc
|
||||
-> ssh-rsa krWCLQ
|
||||
Xe2Vv3tCZy19QQt26q6T3mJkZyltU7OVOrruwxWr8hlaKgOfR/pMa7nbR+eWm6jS
|
||||
++39H+E6gssE/534ld5qz2J3oPV5E6+p4wok/Owy7zE6aWrALP1Mp296lumRjjGN
|
||||
6aYhmf4fbpvOWDMNujExWURggswbUplk0f7l5UYjNpcSnM9Iq6s9fTAUVTMAlvoL
|
||||
cmVvPTll6QlhhM7tkJL1fo+1nEimfmwDaOhE2lAKKJUD7DTqcBGsukpysOhcmCyr
|
||||
Xtx38kcuF5eaDzjT9gXgi4QtCrxf31Lfjju44HSqJFB1LqO2Vzd9rASurD2LN7/1
|
||||
uj8F5y+dmf6IqIM/kYXqPg
|
||||
-> ssh-ed25519 /vwQcQ Byl5reTJslEFsIdUWp+rg5sZxG1jEHVduBE/grTD/Vc
|
||||
SEzFbpWUZrVitO1Swfs3/pzfaZ6Zd4Roi8anJRHO7/o
|
||||
-> ssh-ed25519 0R97PA CLDuGuFPHf0rgUoCUY2C1jtXAeBEqKiqaeiH4ZcRFk8
|
||||
rBYZfmS7BSKDIJMVpWTGy5wRhhoi9xR1GchVsUn7Psw
|
||||
-> ssh-ed25519 JGx7Ng xqTydh3Bt5bL/7R6ZnVtqhfSW2V3g1g2UWPcePt8TCU
|
||||
lPQeGP4VQGU4xeGqVcIRnWZjeDp2Q4lH2CLg+C/weyM
|
||||
-> .-grease
|
||||
l4qPzZnL/yerx8Y3VUmUoO2GgK7OUAjbhfYsHPhDFSo+ZPgvYo7qpJBEsPQqrPA3
|
||||
FF2/R9IFD+jFranJsg
|
||||
--- ynZs900dI1cp+HWu6HdnUGKaJw/Wa1Y26eQSeO3fvH8
|
||||
|Nös.æ·»×KC²éi#<11>XôfÓé‚öÃÎq[í¶t{ŸôEkœÇ±<A–ÿñYd'çÉ…²3ȆbMæÝ;0f”V[œ¥<ûàX;E‘
|
||||
DiRtuMIY8AdA3XJcW75mQwQN/CKtXFLbS/bHHMSH0xBzUPhY2JP5IwDrnS+YuAq8
|
||||
CTc+QXC8eWlZpujZnIMgX2lUMOVA9rfYLml3Dsjju048kLBOm/WlYAaf3l7Fpuwm
|
||||
m3BQK4mRWsdISdhwUHsNTaO8z9jkMwV/a+iWjQWDtNxscRnBqq8a2wms7zUHmJbJ
|
||||
HHYCykPZGrIhh6pOConMhuQZRN59W/HVCJ60+z4E0L5Yw1itqyInz/XQh+a6hrnY
|
||||
8R2ipE658KJmqSHIebeSriD49fvwEWaCssmI9JQ4GmuKLaKQuqNwTubmm+0cP9w5
|
||||
NtVCqqEGq3HX1/MLnpmbew
|
||||
-> ssh-ed25519 /vwQcQ p8fZnQh6objEcb9kVQ+iu49T7v54CZKES538A/3eXlo
|
||||
4bchuaemw++HSOi+1Nop2D1QP96zsDdK1SS5wzNLIeE
|
||||
-> ssh-ed25519 0R97PA j76+Z++DFCjrELtJuXlbXKO3GfDz4bqN4MjxrRjEunY
|
||||
s/Bouc5R6RAhV+fV8sqP3bQN7cubQ/zvmTbiFkEdShc
|
||||
-> ssh-ed25519 JGx7Ng FSufP2DJeNehiGWArgtLjnPTMJd1XYOGIydUDovgLjA
|
||||
HpuHpBUSrEgUDZHG2T6b2wdugRhCCWnCNC33W1mz7VQ
|
||||
-> ssh-ed25519 bUjjig 3lJvEVu3c8NNpm1cc6068n2pO75PLD5DyX00sL9Io1M
|
||||
QV4CiZ8q2YV3FjojL4eU+of4KNuvw/kuVcykOR/ndcY
|
||||
-> ssh-ed25519 tDqJRg 1++TmLtKpgOlKExGY4ZVWb82N/GrRHl63MpHsBYg83A
|
||||
C1hi8qlfY8Tx8a6Ik4b0FcxXFDorvmSklR53VgPeQqU
|
||||
-> i3xH-grease \0) ojM4J<
|
||||
ArfqJf5FcIndzy7XQ5vxY+1iJwPtjplV7Sx5R2kWoHsXBwYyI9pt8Co
|
||||
--- apFO9hGDSpGnlL3r1MliuT1axseRl7WLb5YhpOcd5GI
|
||||
ùÒЇÚv\yoKÜøCsáþ™AaãjMŸ<>¦–Š¶+2"À½îšäÉc4‚51ùÏ8÷)m‡¤ŒÚ$š„XÇÈkû<6B>Pj)FÜ
|
||||
ÃV*É‚
|
||||
c
|
Binary file not shown.
Loading…
Reference in a new issue