Add authentik oidc provider

This commit is contained in:
Emelie Graven 2021-12-20 11:56:41 +01:00
parent 2a3cce996a
commit 98b8a3ede2
Signed by: emelie
GPG key ID: C11123726DBB55A1

View file

@ -24,46 +24,48 @@
report_stats = true; report_stats = true;
withJemalloc = true; withJemalloc = true;
extraConfig = '' extraConfig = ''
password_config:
enabled: false
oidc_providers: oidc_providers:
- idp_id: authentik - idp_id: authentik
idp_name: authentik idp_name: authentik
discover: true discover: true
issuer: "https://auth.graven.dev/application/o/matrix-synapse/" issuer: "https://auth.graven.dev/application/o/synapse/"
client_id: "b680e49c584fad37610d465b1ea270e8daf7ce50" client_id: "7a77036d3b360265895f2ab5a51264ba586c93d5"
client_secret: "d404b3bca1e7d2073a79b4e6d60b64505e2249a7fa6b5a2a0f499ab1955b93e269cddff4c8ce37c8ad929e16cdab5640ec2c25cec36ed73e67b753b6d4689cac" client_secret: "a9f9146fd13338230481a71c824d122bfb5e8a2118f2cdaf882746ad6726aeecd50ef522338acec89d3f8ccb8014124e022a6af6769807ea4271931f219a3f55"
allow_existing_users: true
scopes: scopes:
- "openid" - "openid"
- "profile" - "profile"
- "email" - "email"
user_mapping_provider: user_mapping_provider:
config: config:
localpart_template: "{{ '{{ user.name }}' }}" localpart_template: "{{ user.name }}"
display_name_template: "{{ '{{ user.name|capitalize }}' }}" display_name_template: "{{ user.name|capitalize }}"
''; '';
logConfig = '' logConfig = ''
version: 1 version: 1
formatters: formatters:
precise: precise:
format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s - %(message)s' format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s - %(message)s'
handlers: handlers:
console: console:
class: logging.StreamHandler class: logging.StreamHandler
formatter: precise formatter: precise
loggers: loggers:
synapse.storage.SQL: synapse.storage.SQL:
# beware: increasing this to DEBUG will make synapse log sensitive # beware: increasing this to DEBUG will make synapse log sensitive
# information such as access tokens. # information such as access tokens.
level: WARN level: WARN
root: root:
level: WARN level: WARN
handlers: [console] handlers: [console]
disable_existing_loggers: false disable_existing_loggers: false
''; '';