pub-solar/os
5
0
Fork 2
Code Issues 4 Pull requests Packages Projects 1 Releases Wiki Activity

Add Tailscale custom OIDC webfinger
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details

Browse source 
See: https://tailscale.com/kb/1240/sso-custom-oidc/#webfinger-setup
This commit is contained in:
teutat3s 2023-03-04 02:24:52 +01:00
parent eaea884351
commit d1175e82b4
Signed by: teutat3s
GPG key ID: 4FA1D3FA524F22C1
1 changed files with 37 additions and 22 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

59
hosts/flora-6/caddy.nix
View file

@ -21,30 +21,45 @@
output discard output discard
''; '';
extraConfig = '' extraConfig = ''
# PubSolarOS images # PubSolarOS images
handle /os/download/* { handle /os/download/* {
root * /srv/www root * /srv/www
file_server /os/download/* browse file_server /os/download/* browse
} }
# serve base domain pub.solar for mastodon.pub.solar # serve base domain pub.solar for mastodon.pub.solar
# https://masto.host/mastodon-usernames-different-from-the-domain-used-for-installation/ # https://masto.host/mastodon-usernames-different-from-the-domain-used-for-installation/
handle /.well-known/host-meta { handle /.well-known/host-meta {
redir https://mastodon.pub.solar{uri} redir https://mastodon.pub.solar{uri}
} }
# redirect to statutes # Tailscale OIDC requirement
redir /satzung https://cloud.pub.solar/s/2tRCP9aZFCiWxQy temporary handle /.well-known/webfinger {
respond 200 {
body `{
"subject": "acct:admins@pub.solar",
"links": [
{
"rel": "http://openid.net/specs/connect/1.0/issuer",
"href": "https://auth.pub.solar/realms/pub.solar"
}
]
}`
}
}
# pub.solar website # redirect to statutes
handle { redir /satzung https://cloud.pub.solar/s/2tRCP9aZFCiWxQy temporary
root * /srv/www/pub.solar
try_files {path}.html {path} # pub.solar website
file_server handle {
} root * /srv/www/pub.solar
# minimal error handling, respond with status code and text try_files {path}.html {path}
handle_errors { file_server
respond "{http.error.status_code} {http.error.status_text}" }
} # minimal error handling, respond with status code and text
handle_errors {
respond "{http.error.status_code} {http.error.status_text}"
}
''; '';
}; };
"www.pub.solar" = { "www.pub.solar" = {