diff --git a/__swarm/bookstack/.env b/__swarm/bookstack/.env
index d068d50..7422bc0 100755
--- a/__swarm/bookstack/.env
+++ b/__swarm/bookstack/.env
@@ -1,2 +1,88 @@
-APPNAME=bookstack
-DOCKER_REGISTRY=r.sectorq.eu/library/
\ No newline at end of file
+APPNAME: bookstack
+DOCKER_REGISTRY: r.sectorq.eu/library/
+PUID: 1000
+PGID: 1000
+APP_URL: https://bookstack.sectorq.eu
+DB_HOST: db
+DB_PORT: 3306
+DB_USER: bookstack
+DB_PASS: l4c1j4yd33Du5lo
+DB_DATABASE: bookstackapp
+MYSQL_ROOT_PASSWORD: l4c1j4yd33Du5lo
+TZ: Europe/Bratislava
+MYSQL_DATABASE: bookstackapp
+MYSQL_USER: bookstack
+MYSQL_PASSWORD: l4c1j4yd33Du5lo
+# # Set authentication method to be saml2
+# AUTH_METHOD: saml2
+# # Control if BookStack automatically initiates login via your SAML system if it's the only authentication method.
+# # Prevents the need for the user to click the "Login with x" button on the login page.
+# # Setting this to true enables auto-initiation.
+# AUTH_AUTO_INITIATE: false
+# # Set the display name to be shown on the login button.
+# # (Login with )
+# SAML2_NAME: authentik
+# # Name of the attribute which provides the user's email address
+# SAML2_EMAIL_ATTRIBUTE: email
+# # Name of the attribute to use as an ID for the SAML user.
+# SAML2_EXTERNAL_ID_ATTRIBUTE: uid
+# # Enable SAML group sync.
+# SAML2_USER_TO_GROUPS: true
+# # Set the attribute from which BookStack will read groups names from.
+# # You will need to rename your roles in Bookstack to match your groups in authentik.
+# SAML2_GROUP_ATTRIBUTE: http://schemas.xmlsoap.org/claims/Group
+# # Name of the attribute(s) to use for the user's display name
+# # Can have multiple attributes listed, separated with a '|' in which
+# # case those values will be joined with a space.
+# # Example: SAML2_DISPLAY_NAME_ATTRIBUTES=firstName|lastName
+# # Defaults to the ID value if not found.
+# ######SAML2_DISPLAY_NAME_ATTRIBUTES: http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname
+# SAML2_DISPLAY_NAME_ATTRIBUTES: username
+
+# # Identity Provider entityID URL
+# SAML2_IDP_ENTITYID: https://auth.sectorq.eu/api/v3/providers/saml/10/metadata/?download
+
+# # Auto-load metadata from the IDP
+# # Setting this to true negates the need to specify the next three options
+# SAML2_AUTOLOAD_METADATA: true
+
+
+# Set OIDC to be the authentication method
+AUTH_METHOD: oidc
+#AUTH_METHOD: standard
+# Control if BookStack automatically initiates login via your OIDC system
+# if it's the only authentication method. Prevents the need for the
+# user to click the "Login with x" button on the login page.
+# Setting this to true enables auto-initiation.
+AUTH_AUTO_INITIATE: true
+
+# Set the display name to be shown on the login button.
+# (Login with )
+OIDC_NAME: SSO
+
+# Name of the claims(s) to use for the user's display name.
+# Can have multiple attributes listed, separated with a '|' in which
+# case those values will be joined with a space.
+# Example: OIDC_DISPLAY_NAME_CLAIMS=given_name|family_name
+OIDC_DISPLAY_NAME_CLAIMS: name
+
+# OAuth Client ID to access the identity provider
+OIDC_CLIENT_ID: GCPj547vTmEpmsCM8jkuR222SS31yZMdp7oAU82U
+
+# OAuth Client Secret to access the identity provider
+OIDC_CLIENT_SECRET: Nador7SOdsYgfNhRwbeRKLNPkPiASBAlTnKVi294xbOz8MM3e2RlzAaWQsQNZmBtLLZVifb1TG3OpKrVXeeW3Vu8HmJuvy8GwSAT2r0pP0241tDdEShq7UkP9G5Esdt8
+
+# Issuer URL
+# Must start with 'https://'
+OIDC_ISSUER: https://auth.sectorq.eu/application/o/bookstack/
+
+# The "end session" (RP-initiated logout) URL to call during BookStack logout.
+# By default this is false which disables RP-initiated logout.
+# Setting to "true" will enable logout if found as supported by auto-discovery.
+# Otherwise, this can be set as a specific URL endpoint.
+OIDC_END_SESSION_ENDPOINT: false
+
+# Enable auto-discovery of endpoints and token keys.
+# As per the standard, expects the service to serve a
+# `/.well-known/openid-configuration` endpoint.
+OIDC_ISSUER_DISCOVER: true
\ No newline at end of file
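Review bot: The added lines commit live credentials in plaintext. `DB_PASS`, `MYSQL_ROOT_PASSWORD`, `MYSQL_PASSWORD` and `OIDC_CLIENT_SECRET` all carry literal values, and the three database entries share one value, so the application account's password is also the database root password. Because these values will persist in repository history, they should be rotated. The tracked file should keep only non-secret settings, with a comment such as `# DB_PASS, MYSQL_ROOT_PASSWORD, MYSQL_PASSWORD and OIDC_CLIENT_SECRET are supplied at deploy time (Swarm secret or untracked override) - never commit values`. Give the root account its own password, distinct from the `bookstack` user's. The hunk also changes the separator from `KEY=value` to `KEY: value`; whether the consumer of this file accepts that form is not visible here, so it is worth confirming before deploy.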