OIDC parameters for Authentik #2047
Replies: 2 comments
-
I have updated the documentation: https://miniflux.app/docs/howto.html#oauth2 |
Beta Was this translation helpful? Give feedback.
-
Cool, thanks, this saved me the hour 🙏🏻 Do we have a recommended way to make miniflux container trust
And although it's possible to inject certs, it's quite some clutter. services:
miniflux-certs-init:
image: alpine:latest
entrypoint: /bin/sh
command: >
-c "
apk add --no-cache ca-certificates &&
rm -rf /shared-certs/* &&
mkdir -p /usr/local/share/ca-certificates &&
cp /certs/*_ca.crt /usr/local/share/ca-certificates/ &&
update-ca-certificates &&
cp -prf /etc/ssl/* /shared-certs/ &&
touch /shared-certs/generated-by-cainit-$(date +%Y%m%d-%H%M%S) &&
echo 'Certificates updated. Exiting.'"
volumes:
- ../_common/certs:/certs:ro
- ./config/ssl:/shared-certs
miniflux:
image: miniflux/miniflux:distroless
environment:
...
OAUTH2_PROVIDER=oidc
OAUTH2_CLIENT_ID=XXXXXX
OAUTH2_CLIENT_SECRET=YYYYYY
OAUTH2_REDIRECT_URL=https://miniflux.example.org/oauth2/oidc/callback
OAUTH2_OIDC_DISCOVERY_ENDPOINT=https://authentik.example.org/application/o/miniflux/
OAUTH2_USER_CREATION=1
volumes:
- ./config/ssl:/etc/ssl:ro
depends_on:
db:
condition: service_healthy
miniflux-certs-init:
condition: service_completed_successfully
db:
... I've seen some better solutions lately like |
Beta Was this translation helpful? Give feedback.
-
I had to modify the OIDC discovery endpoint URL given by my IDP, because Miniflux automatically appends
.well-known/openid-configuration
, similar to goharbor/harbor#12535.Maybe it is worth mentioning in the documentation that the ".well-known" part is automatically appended.
These parameters work for Authentik:
Beta Was this translation helpful? Give feedback.
All reactions