Move Synapse OIDC client id/secret from synapse_secrets to authelia_secrets.

This commit is contained in:
Viyurz 2024-05-11 10:58:34 +02:00
parent 43d5a87da5
commit a66b370e84
Signed by: Viyurz
SSH key fingerprint: SHA256:IskOHTmhHSJIvAt04N6aaxd5SZCVWW1Guf9tEcxIMj8
3 changed files with 7 additions and 7 deletions

View file

@ -86,9 +86,9 @@ identity_providers:
- 'email' - 'email'
token_endpoint_auth_method: client_secret_post token_endpoint_auth_method: client_secret_post
- client_id: '{{ synapse_secrets["oidc_client_id"] }}' - client_id: '{{ authelia_secrets["synapse_client_id"] }}'
client_name: Synapse client_name: Synapse
client_secret: '{{ synapse_secrets["oidc_client_secret_hash"] }}' client_secret: '{{ authelia_secrets["synapse_client_secret_hash"] }}'
redirect_uris: 'https://matrix.{{ domain }}/_synapse/client/oidc/callback' redirect_uris: 'https://matrix.{{ domain }}/_synapse/client/oidc/callback'
scopes: scopes:
- 'openid' - 'openid'

View file

@ -113,8 +113,8 @@ oidc_providers:
idp_icon: "mxc://authelia.com/cKlrTPsGvlpKxAYeHWJsdVHI" idp_icon: "mxc://authelia.com/cKlrTPsGvlpKxAYeHWJsdVHI"
discover: false discover: false
issuer: "https://auth.{{ domain }}" issuer: "https://auth.{{ domain }}"
client_id: '{{ synapse_secrets["oidc_client_id"] }}' client_id: '{{ authelia_secrets["synapse_client_id"] }}'
client_secret: '{{ synapse_secrets["oidc_client_secret"] }}' client_secret: '{{ authelia_secrets["synapse_client_secret"] }}'
scopes: ["openid", "profile", "email"] scopes: ["openid", "profile", "email"]
authorization_endpoint: 'https://auth.{{ domain }}/api/oidc/authorization' authorization_endpoint: 'https://auth.{{ domain }}/api/oidc/authorization'
token_endpoint: 'https://auth.{{ domain }}/api/oidc/token' token_endpoint: 'https://auth.{{ domain }}/api/oidc/token'

View file

@ -18,6 +18,9 @@ authelia_secrets:
hedgedoc_client_id: hedgedoc_client_id:
hedgedoc_client_secret: hedgedoc_client_secret:
hedgedoc_client_secret_hash: hedgedoc_client_secret_hash:
synapse_client_id:
synapse_client_secret:
synapse_client_secret_hash:
hmac_secret: hmac_secret:
jwks_key: | # openssl genrsa 4096 jwks_key: | # openssl genrsa 4096
@ -61,9 +64,6 @@ searxng_secrets:
searxng_secret: searxng_secret:
synapse_secrets: synapse_secrets:
oidc_client_id:
oidc_client_secret:
oidc_client_secret_hash:
smtp_user: smtp_user:
smtp_pass: smtp_pass:
postgres_user: postgres_user: