[Pagure] Enable OIDC on production
As OIDC authentication works without issue on staging let's enable it on production as well. Signed-off-by: Michal Konecny <mkonecny@redhat.com>
This commit is contained in:
Michal Konecny
parent
2a442cf7a7
commit
88f7258c7b
2 changed files with 0 additions and 5 deletions
|
|
@ -357,7 +357,6 @@
|
||||||
- config
|
- config
|
||||||
- web
|
- web
|
||||||
- pagure
|
- pagure
|
||||||
when: env == 'pagure-staging'
|
|
||||||
|
|
||||||
|
|
||||||
- name: create the database scheme
|
- name: create the database scheme
|
||||||
|
|
|
||||||
|
|
@ -195,7 +195,6 @@ DISABLED_PLUGINS = ['IRC']
|
||||||
### Switch the authentication method
|
### Switch the authentication method
|
||||||
# Specify which authentication method to use: `openid`, `oidc`, `local`
|
# Specify which authentication method to use: `openid`, `oidc`, `local`
|
||||||
# Default: ``fas``.
|
# Default: ``fas``.
|
||||||
{% if env == 'pagure-staging' %}
|
|
||||||
PAGURE_AUTH = 'oidc'
|
PAGURE_AUTH = 'oidc'
|
||||||
OIDC_CLIENT_SECRETS = "/etc/pagure/client_secrets.json"
|
OIDC_CLIENT_SECRETS = "/etc/pagure/client_secrets.json"
|
||||||
OIDC_ID_TOKEN_COOKIE_SECURE = True
|
OIDC_ID_TOKEN_COOKIE_SECURE = True
|
||||||
|
|
@ -210,9 +209,6 @@ OIDC_PAGURE_USERNAME = 'preferred_username'
|
||||||
OIDC_PAGURE_SSH_KEY = 'ssh_key'
|
OIDC_PAGURE_SSH_KEY = 'ssh_key'
|
||||||
OIDC_PAGURE_GROUPS = 'groups'
|
OIDC_PAGURE_GROUPS = 'groups'
|
||||||
OIDC_PAGURE_USERNAME_FALLBACK = 'nickname'
|
OIDC_PAGURE_USERNAME_FALLBACK = 'nickname'
|
||||||
{% else %}
|
|
||||||
PAGURE_AUTH = 'openid'
|
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
# When this is set to True, the session cookie will only be returned to the
|
# When this is set to True, the session cookie will only be returned to the
|
||||||
# server via ssl (https). If you connect to the server via plain http, the
|
# server via ssl (https). If you connect to the server via plain http, the
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue