Add Tailscale custom OIDC webfinger
All checks were successful
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing

See: https://tailscale.com/kb/1240/sso-custom-oidc/#webfinger-setup
This commit is contained in:
teutat3s 2023-03-04 02:24:52 +01:00
parent eaea884351
commit d1175e82b4
Signed by: teutat3s
GPG key ID: 4FA1D3FA524F22C1

View file

@ -21,30 +21,45 @@
output discard
'';
extraConfig = ''
# PubSolarOS images
handle /os/download/* {
root * /srv/www
file_server /os/download/* browse
}
# serve base domain pub.solar for mastodon.pub.solar
# https://masto.host/mastodon-usernames-different-from-the-domain-used-for-installation/
handle /.well-known/host-meta {
redir https://mastodon.pub.solar{uri}
}
# PubSolarOS images
handle /os/download/* {
root * /srv/www
file_server /os/download/* browse
}
# serve base domain pub.solar for mastodon.pub.solar
# https://masto.host/mastodon-usernames-different-from-the-domain-used-for-installation/
handle /.well-known/host-meta {
redir https://mastodon.pub.solar{uri}
}
# redirect to statutes
redir /satzung https://cloud.pub.solar/s/2tRCP9aZFCiWxQy temporary
# Tailscale OIDC requirement
handle /.well-known/webfinger {
respond 200 {
body `{
"subject": "acct:admins@pub.solar",
"links": [
{
"rel": "http://openid.net/specs/connect/1.0/issuer",
"href": "https://auth.pub.solar/realms/pub.solar"
}
]
}`
}
}
# pub.solar website
handle {
root * /srv/www/pub.solar
try_files {path}.html {path}
file_server
}
# minimal error handling, respond with status code and text
handle_errors {
respond "{http.error.status_code} {http.error.status_text}"
}
# redirect to statutes
redir /satzung https://cloud.pub.solar/s/2tRCP9aZFCiWxQy temporary
# pub.solar website
handle {
root * /srv/www/pub.solar
try_files {path}.html {path}
file_server
}
# minimal error handling, respond with status code and text
handle_errors {
respond "{http.error.status_code} {http.error.status_text}"
}
'';
};
"www.pub.solar" = {