Mirrors/headscale-webui
1
0
Fork 1
mirror of https://github.com/iFargle/headscale-webui.git synced 2026-01-07 05:04:01 +01:00
Code Issues Packages Projects Releases Wiki Activity

Test

Browse Source
This commit is contained in:
iFargle
2023-02-17 14:37:15 +09:00
parent 6f9cbaf415
commit b80b81dfde
3 changed files with 17 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
Dockerfile
View File

@@ -38,9 +38,10 @@ ENV BASIC_AUTH_USER="user"
ENV BASIC_AUTH_PASS="pass"
# OIDC variables
ENV OIDC_DISCOVERY_URL=http://localhost
ENV OIDC_CLIENT_ID=Headscale-WebUI
ENV OIDC_CLIENT_SECRET=
ENV FLASK_OIDC_PROVIDER_NAME="OIDC"
ENV FLASK_OIDC_CLIENT_ID=Headscale-WebUI
ENV FLASK_OIDC_CLIENT_SECRET=secret
ENV FLASK_OIDC_CONFIG_URL=http://localhost
# Jenkins build args
ARG GIT_COMMIT_ARG=""

8
docker-compose.yml
View File

@@ -12,10 +12,10 @@ services:
- BASIC_AUTH_USER=user # Used for basic auth - Can be omitted if not using Basic Auth
- BASIC_AUTH_PASS=pass # Used for basic auth - Can be omitted if not using Basic Auth
# ENV for OIDC (Used only if AUTH_TYPE is "OIDC")
- OIDC_DISCOVERY_URL=https://auth.$DOMAIN # Check docs for your OIDC provider for the "Well Known" discovery URL
- OIDC_CLIENT_ID=Headscale WebUI
- OIDC_CLIENT_SECRET=YourOIDCClientSecret
# OIDC Redirect URI: $DOMAIN/$BASE_PATH/auth
- FLASK_OIDC_PROVIDER_NAME="OIDC"
- FLASK_OIDC_CLIENT_ID=Headscale-WebUI
- FLASK_OIDC_CLIENT_SECRET=secret
- FLASK_OIDC_CONFIG_URL=https://auth.$DOMAIN/.well-known/openid-configuration
volumes:
- ./volume:/data # Headscale-WebUI's storage. Make sure ./volume is readable by UID 1000 (chown 1000:1000 ./volume)
- ./headscale/config/:/etc/headscale/:ro # Headscale's config storage location. Used to read your Headscale config.

30
server.py
View File

@@ -17,15 +17,15 @@ DEBUG_STATE = False
AUTH_TYPE = os.environ["AUTH_TYPE"].replace('"', '')
# OIDC Variables: https://github.com/verdan/flaskoidc
FLASK_OIDC_PROVIDER_NAME = "OIDC" # Default: 'google'
# FLASK_OIDC_SCOPES # Default: 'openid email profile'
# FLASK_OIDC_USER_ID_FIELD # Default: 'email'
FLASK_OIDC_CLIENT_ID = os.environ["OIDC_CLIENT_ID"] # Default: ''
FLASK_OIDC_CLIENT_SECRET = os.environ["OIDC_CLIENT_SECRET"] # Default: ''
# FLASK_OIDC_FORCE_SCHEME # Default: 'http'
# FLASK_OIDC_REDIRECT_URI # Default: '/auth'
FLASK_OIDC_CONFIG_URL = os.environ["OIDC_DISCOVERY_URL"] # Default: ''
FLASK_OIDC_OVERWRITE_REDIRECT_URI = BASE_PATH # Default: '/'
# OIDC_PROVIDER = os.environ.get("FLASK_OIDC_PROVIDER_NAME", "google")
# OIDC_SCOPES = os.environ.get("FLASK_OIDC_SCOPES", "openid email profile")
# USER_ID_FIELD = os.environ.get("FLASK_OIDC_USER_ID_FIELD", "email")
# CLIENT_ID = os.environ.get("FLASK_OIDC_CLIENT_ID", "")
# CLIENT_SECRET = os.environ.get("FLASK_OIDC_CLIENT_SECRET", "")
# SCHEME = os.environ.get("FLASK_OIDC_FORCE_SCHEME", "http")
# REDIRECT_URI = os.environ.get("FLASK_OIDC_REDIRECT_URI", "/auth")
# OVERWRITE_REDIRECT_URI = os.environ.get("FLASK_OIDC_OVERWRITE_REDIRECT_URI", "/")
# CONFIG_URL = os.environ.get("FLASK_OIDC_CONFIG_URL", "")
static_url_path = '/static'
if BASE_PATH != '': static_url_path = BASE_PATH + static_url_path
@@ -34,20 +34,8 @@ if BASE_PATH != '': static_url_path = BASE_PATH + static_url_path
if AUTH_TYPE.lower() == "oidc":
# Load OIDC libraries
from flaskoidc import FlaskOIDC
from flaskoidc.config import BaseConfig
class CustomConfig(BaseConfig):
DEBUG = DEBUG_STATE
PROVIDER_NAME = "OIDC" # Default: 'google'
CLIENT_ID = os.environ["OIDC_CLIENT_ID"] # Default: ''
CLIENT_SECRET = os.environ["OIDC_CLIENT_SECRET"] # Default: ''
CONFIG_URL = os.environ["OIDC_DISCOVERY_URL"] # Default: ''
OVERWRITE_REDIRECT_URI = BASE_PATH # Default: '/'
print("using config "+FLASK_OIDC_CONFIG_URL)
app = FlaskOIDC(__name__, static_url_path=static_url_path)
app.config.from_object(CustomConfig)
app.logger.debug("Loading OIDC libraries and configuring app...")
# TODO:
# If OIDC is enabled, add user info and a logout button to the top bar.