Add Tailscale custom OIDC webfinger
See: https://tailscale.com/kb/1240/sso-custom-oidc/#webfinger-setup
This commit is contained in:
parent
eaea884351
commit
d1175e82b4
|
@ -21,30 +21,45 @@
|
|||
output discard
|
||||
'';
|
||||
extraConfig = ''
|
||||
# PubSolarOS images
|
||||
handle /os/download/* {
|
||||
root * /srv/www
|
||||
file_server /os/download/* browse
|
||||
}
|
||||
# serve base domain pub.solar for mastodon.pub.solar
|
||||
# https://masto.host/mastodon-usernames-different-from-the-domain-used-for-installation/
|
||||
handle /.well-known/host-meta {
|
||||
redir https://mastodon.pub.solar{uri}
|
||||
}
|
||||
# PubSolarOS images
|
||||
handle /os/download/* {
|
||||
root * /srv/www
|
||||
file_server /os/download/* browse
|
||||
}
|
||||
# serve base domain pub.solar for mastodon.pub.solar
|
||||
# https://masto.host/mastodon-usernames-different-from-the-domain-used-for-installation/
|
||||
handle /.well-known/host-meta {
|
||||
redir https://mastodon.pub.solar{uri}
|
||||
}
|
||||
|
||||
# redirect to statutes
|
||||
redir /satzung https://cloud.pub.solar/s/2tRCP9aZFCiWxQy temporary
|
||||
# Tailscale OIDC requirement
|
||||
handle /.well-known/webfinger {
|
||||
respond 200 {
|
||||
body `{
|
||||
"subject": "acct:admins@pub.solar",
|
||||
"links": [
|
||||
{
|
||||
"rel": "http://openid.net/specs/connect/1.0/issuer",
|
||||
"href": "https://auth.pub.solar/realms/pub.solar"
|
||||
}
|
||||
]
|
||||
}`
|
||||
}
|
||||
}
|
||||
|
||||
# pub.solar website
|
||||
handle {
|
||||
root * /srv/www/pub.solar
|
||||
try_files {path}.html {path}
|
||||
file_server
|
||||
}
|
||||
# minimal error handling, respond with status code and text
|
||||
handle_errors {
|
||||
respond "{http.error.status_code} {http.error.status_text}"
|
||||
}
|
||||
# redirect to statutes
|
||||
redir /satzung https://cloud.pub.solar/s/2tRCP9aZFCiWxQy temporary
|
||||
|
||||
# pub.solar website
|
||||
handle {
|
||||
root * /srv/www/pub.solar
|
||||
try_files {path}.html {path}
|
||||
file_server
|
||||
}
|
||||
# minimal error handling, respond with status code and text
|
||||
handle_errors {
|
||||
respond "{http.error.status_code} {http.error.status_text}"
|
||||
}
|
||||
'';
|
||||
};
|
||||
"www.pub.solar" = {
|
||||
|
|
Loading…
Reference in a new issue