TheAnachronism/docspell
1
0
Fork 0
mirror of https://github.com/TheAnachronism/docspell.git synced 2025-06-22 02:18:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2646 from VTimofeenko/add-logout-url

Browse Source 
Add logout-url option to Nix module
This commit is contained in:
eikek
2024-05-24 23:05:46 +02:00
committed by GitHub
parent 3a43ad408c a2ae339870
commit d0681a12e3
1 changed files with 20 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
nix/modules/server.nix
View File

@ -92,6 +92,7 @@ with lib; let
auth = { auth = {
server-secret = "hex:caffee"; server-secret = "hex:caffee";
session-valid = "5 minutes"; session-valid = "5 minutes";
on-account-source-conflict = "fail";
remember-me = { remember-me = {
enabled = true; enabled = true;
valid = "30 days"; valid = "30 days";
@ -111,6 +112,7 @@ with lib; let
scope = "profile"; scope = "profile";
authorize-url = null; authorize-url = null;
token-url = null; token-url = null;
logout-url = "";
user-url = null; user-url = null;
sign-key = ""; sign-key = "";
sig-algo = "RS256"; sig-algo = "RS256";
@ -323,6 +325,19 @@ in {
will get a new one periodically. will get a new one periodically.
''; '';
}; };
on-account-source-conflict = mkOption {
type = types.enum ["fail" "convert"];
default = defaults.auth.on-account-source-conflict;
description = ''
Accounts can be local or defined at a remote provider and
integrated via OIDC. If the same account is defined in both
sources, docspell by default fails if a user mixes logins (e.g.
when registering a user locally and then logging in with the
same user via OIDC). When set to `convert` docspell treats it as
being the same and simply updates the account to reflect the new
account source.
'';
};
remember-me = mkOption { remember-me = mkOption {
type = types.submodule { type = types.submodule {
options = { options = {
@ -424,6 +439,11 @@ in {
default = defaults.openid.provider.token-url; default = defaults.openid.provider.token-url;
description = "The URL used to retrieve the token."; description = "The URL used to retrieve the token.";
}; };
logout-url = mkOption {
type = types.str;
default = defaults.openid.provider.logout-url;
description = "The URL used for user's logout.";
};
user-url = mkOption { user-url = mkOption {
type = types.nullOr types.str; type = types.nullOr types.str;
default = defaults.openid.provider.user-url; default = defaults.openid.provider.user-url;