mirror of
https://github.com/yusing/godoxy.git
synced 2025-05-20 04:42:33 +02:00
fb0dc7dea0
* implement OIDC middleware * auth code cleanup * allow override allowed_user in middleware, fix typos * fix tests and callbackURL * update next release docs * fix OIDC middleware not working with Authentik * feat: add groups support for OIDC claims (#41) Allow users to specify allowed groups in the env and use it to inspect the claims. This performs a logical AND of users and groups (additive). * merge feat/oidc-middleware (#49) * api: enrich provider statistifcs * fix: docker monitor now uses container status * Feat/auto schemas (#48) * use auto generated schemas * go version bump and dependencies upgrade * clarify some error messages --------- Co-authored-by: yusing <yusing@6uo.me> * cleanup some loadbalancer code * api: cleanup websocket code * api: add /v1/health/ws for health bubbles on dashboard * feat: experimental memory logger and logs api for WebUI --------- Co-authored-by: yusing <yusing@6uo.me> --------- Co-authored-by: yusing <yusing@6uo.me> Co-authored-by: Peter Olds <peter@olds.co>
49 lines
No EOL
1.6 KiB
Text
49 lines
No EOL
1.6 KiB
Text
# set timezone to get correct log timestamp
|
|
TZ=ETC/UTC
|
|
|
|
# API/WebUI user password login credentials (optional)
|
|
# These fields are not required for OIDC authentication
|
|
GODOXY_API_USER=admin
|
|
GODOXY_API_PASSWORD=password
|
|
# generate secret with `openssl rand -base64 32`
|
|
GODOXY_API_JWT_SECRET=
|
|
# the JWT token time-to-live
|
|
GODOXY_API_JWT_TOKEN_TTL=1h
|
|
|
|
# OIDC Configuration (optional)
|
|
# Uncomment and configure these values to enable OIDC authentication.
|
|
# GODOXY_OIDC_ISSUER_URL=https://accounts.google.com
|
|
# GODOXY_OIDC_CLIENT_ID=your-client-id
|
|
# GODOXY_OIDC_CLIENT_SECRET=your-client-secret
|
|
# Keep /api/auth/callback as the redirect URL, change the domain to match your setup.
|
|
# GODOXY_OIDC_REDIRECT_URL=https://your-domain/api/auth/callback
|
|
# Comma-separated list of scopes
|
|
# GODOXY_OIDC_SCOPES=openid, profile, email
|
|
#
|
|
# User definitions: Uncomment and configure these values to restrict access to specific users or groups.
|
|
# These two fields act as a logical AND operator. For example, given the following membership:
|
|
# user1, group1
|
|
# user2, group1
|
|
# user3, group2
|
|
# user1, group2
|
|
# You can allow access to user3 AND all users of group1 by providing:
|
|
# # GODOXY_OIDC_ALLOWED_USERS=user3
|
|
# # GODOXY_OIDC_ALLOWED_GROUPS=group1
|
|
#
|
|
# Comma-separated list of allowed users.
|
|
# GODOXY_OIDC_ALLOWED_USERS=user1,user2
|
|
# Optional: Comma-separated list of allowed groups.
|
|
# GODOXY_OIDC_ALLOWED_GROUPS=group1,group2
|
|
|
|
# Proxy listening address
|
|
GODOXY_HTTP_ADDR=:80
|
|
GODOXY_HTTPS_ADDR=:443
|
|
|
|
# API listening address
|
|
GODOXY_API_ADDR=127.0.0.1:8888
|
|
|
|
# Prometheus Metrics listening address (uncomment to enable)
|
|
#GODOXY_PROMETHEUS_ADDR=:8889
|
|
|
|
# Debug mode
|
|
GODOXY_DEBUG=false |