mirror/opencloud
1
0
Fork 0
mirror of https://github.com/opencloud-eu/opencloud.git synced 2026-01-22 12:59:23 -05:00
Code Issues Packages Projects Releases Wiki Activity

add an OIDC Directory to Stalwart, requires exposing Keycloak port 8080 directly to access the userinfo endpoint using HTTP since the certificates in traefik are self-signed and end up being rejected by Stalwart with no option to bypass the certificate check

Browse Source
This commit is contained in:
Pascal Bleser
2025-04-28 09:53:58 +02:00
parent ef888ea90d
commit 1b45acfa43
2 changed files with 12 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
devtools/deployments/opencloud_full/config/stalwart/config.toml
View File

@@ -2,6 +2,16 @@ authentication.fallback-admin.secret = "$6$4qPYDVhaUHkKcY7s$bB6qhcukb9oFNYRIvaDZ
authentication.fallback-admin.user = "mailadmin"
authentication.master.secret = "$6$4qPYDVhaUHkKcY7s$bB6qhcukb9oFNYRIvaDZgbwxrMa2RvF5dumCjkBFdX19lSNqrgKltf3aPrFMuQQKkZpK2YNuQ83hB1B3NiWzj."
authentication.master.user = "master"
directory.keycloak.cache.size = 1048576
directory.keycloak.cache.ttl.negative = "10m"
directory.keycloak.cache.ttl.positive = "1h"
directory.keycloak.endpoint.method = "userinfo"
directory.keycloak.endpoint.url = "http://172.18.0.7:8080/realms/openCloud/protocol/openid-connect/userinfo"
directory.keycloak.fields.email = "email"
directory.keycloak.fields.full-name = "name"
directory.keycloak.fields.username = "preferred_username"
directory.keycloak.timeout = "15s"
directory.keycloak.type = "oidc"
directory.ldap.attributes.class = "objectClass"
directory.ldap.attributes.description = "description"
directory.ldap.attributes.email = "mail"

2
devtools/deployments/opencloud_full/keycloak.yml
View File

@@ -57,6 +57,8 @@ services:
KC_FEATURES: impersonation
KEYCLOAK_ADMIN: ${KEYCLOAK_ADMIN_USER:-admin}
KEYCLOAK_ADMIN_PASSWORD: ${KEYCLOAK_ADMIN_PASSWORD:-admin}
ports:
- "8080:8080"
labels:
- "traefik.enable=true"
- "traefik.http.routers.keycloak.entrypoints=https"