From 39bc977cf6a6aa77f236a55028c75f4631f587e1 Mon Sep 17 00:00:00 2001 From: eyjhb Date: Fri, 14 Mar 2025 17:13:47 +0100 Subject: [PATCH] authelia: set consent mode to implicit, we only use fricloud.dk anyways And rasmus is lazy --- machines/gerd/services/forgejo/auth_sources.nix | 1 + machines/gerd/services/matrix/matrix-synapse.nix | 1 + machines/gerd/services/monitoring/grafana.nix | 1 + machines/gerd/services/nextcloud.nix | 1 + machines/gerd/services/rallly/default.nix | 1 + 5 files changed, 5 insertions(+) diff --git a/machines/gerd/services/forgejo/auth_sources.nix b/machines/gerd/services/forgejo/auth_sources.nix index 7f93fe3..da9ffd5 100644 --- a/machines/gerd/services/forgejo/auth_sources.nix +++ b/machines/gerd/services/forgejo/auth_sources.nix @@ -99,6 +99,7 @@ in { client_id = "forgejo"; client_name = "Forgejo"; client_secret = "$pbkdf2-sha512$310000$cOGtLwMHyfugAJCIiUUjfQ$ao7zC8QB1m8aTGNf1dxYbRAPivZ0G1eaJ4bNFVfJiTFZX06U5baBjT0emvoaeFHXMFbYHzorb2/8vxnY/D0b5Q"; + consent_mode = "implicit"; redirect_uris = [ "https://${config.mine.shared.settings.forgejo.domain}/user/oauth2/${AUTHELIA_AUTH_NAME}/callback" ]; scopes = [ "openid" diff --git a/machines/gerd/services/matrix/matrix-synapse.nix b/machines/gerd/services/matrix/matrix-synapse.nix index 90e4fbf..b2735c9 100644 --- a/machines/gerd/services/matrix/matrix-synapse.nix +++ b/machines/gerd/services/matrix/matrix-synapse.nix @@ -128,6 +128,7 @@ in { client_id = "synapse"; client_name = "Synapse"; client_secret = "$pbkdf2-sha512$310000$SmE9y.LA9lnzxNWL6CeWQA$zcrum.Rst9xQy/MKBI5i.UiUdSjx/F0ak65Z3vYk0w7/GMWIqXaW3GnE7bJQw6nHi5eZ2uhKHtW/DKp2TDVhbQ"; + consent_mode = "implicit"; redirect_uris = [ "https://${svc_domain}/_synapse/client/oidc/callback" ]; scopes = [ "openid" diff --git a/machines/gerd/services/monitoring/grafana.nix b/machines/gerd/services/monitoring/grafana.nix index c19967a..2bf68dd 100644 --- a/machines/gerd/services/monitoring/grafana.nix +++ b/machines/gerd/services/monitoring/grafana.nix @@ -64,6 +64,7 @@ in { client_id = "grafana"; client_name = "Grafana"; client_secret = "$pbkdf2-sha512$310000$81MV1.67njuS/5H2UvVsnA$vaNO3/tzVA76Jho4ngS.xFjDuYn1sDn/9qo7cD0ueMnVvzaoJj00ND5wCGzVSUnvLuxNE/enC1K5r7xKAe/Hrg"; + consent_mode = "implicit"; redirect_uris = [ "https://${svc_domain}/login/generic_oauth" ]; scopes = [ "openid" diff --git a/machines/gerd/services/nextcloud.nix b/machines/gerd/services/nextcloud.nix index 81bf6b2..452f158 100644 --- a/machines/gerd/services/nextcloud.nix +++ b/machines/gerd/services/nextcloud.nix @@ -221,6 +221,7 @@ in { client_id = AUTHELIA_AUTH_NAME; client_name = "Nextcloud"; client_secret = "$pbkdf2-sha512$310000$kLNQ/1A.uasSN4g8q94jUQ$8OKNUNNumHCh8dVG5/QWys7u.y1guqFXlrL.bMm7/HKTsWhpib/W.8qlU6VU7V1Be/h14Y.fJi3RLvbkEdo2kA"; + consent_mode = "implicit"; redirect_uris = [ "https://${svc_domain}/apps/oidc_login/oidc" ]; scopes = [ "openid" diff --git a/machines/gerd/services/rallly/default.nix b/machines/gerd/services/rallly/default.nix index 9658539..d6f4710 100644 --- a/machines/gerd/services/rallly/default.nix +++ b/machines/gerd/services/rallly/default.nix @@ -104,6 +104,7 @@ in { client_id = "rallly"; client_name = "Rallly"; client_secret = "$pbkdf2-sha512$310000$KB4UqeuVr86lEOoISSE92w$i2YGpz3wRwceiRfYnMUhZ0MboutkDPPYVWnXqiw6tUt./mgZ5kfV1ES.kcdsHhMdavhCrJfWvVTPQRJKImuUrQ"; + consent_mode = "implicit"; redirect_uris = [ "https://${svc_domain}/api/auth/callback/oidc" ]; scopes = [ "openid"