Outline: Difference between revisions
imported>Onny Remove unstable notice |
imported>Sleepful m adds nginx example |
||
| Line 81: | Line 81: | ||
Outline is available at http://localhost . Choose login provider "Dex" and authenticate with the example mock login <code>admin</code> and <code>password</code>. | Outline is available at http://localhost . Choose login provider "Dex" and authenticate with the example mock login <code>admin</code> and <code>password</code>. | ||
== Setup with Nginx == | |||
Similar as before but this time with Nginx handling SSL | |||
{{file|/etc/nixos/configuration.nix|nix|<nowiki> | |||
{ config, pkgs, lib, ... }: { | |||
services.nginx = { | |||
enable = true; | |||
recommendedProxySettings = true; | |||
recommendedTlsSettings = true; | |||
virtualHosts = { | |||
"outline.example.tld" = { | |||
onlySSL = true; | |||
useACMEHost = "example.tld"; # assuming security.acme.certs."example.tld" with `extraDomainNames = [ "outline.example.tld" ]` | |||
locations."/" = { | |||
proxyPass = "http://localhost:${toString config.services.outline.port}"; | |||
proxyWebsockets = true; | |||
extraConfig = '' | |||
proxy_set_header X-Scheme $scheme; | |||
''; | |||
}; | |||
}; | |||
"dex.example.tld" = { | |||
onlySSL = true; | |||
useACMEHost = "example.tld"; | |||
locations."/" = { | |||
proxyPass = "http://${config.services.dex.settings.web.http}"; | |||
proxyWebsockets = true; | |||
}; | |||
}; | |||
}; | |||
}; | |||
services.outline = { | |||
enable = true; | |||
publicUrl = "https://outline.example.tld"; | |||
port = 3003; # using 3003 instead of default 3000 | |||
forceHttps = false; | |||
storage.storageType = "local"; | |||
oidcAuthentication = { | |||
authUrl = "https://dex.example.tld/auth"; | |||
tokenUrl = "https://dex.example.tld/token"; | |||
userinfoUrl = "https://dex.example.tld/userinfo"; | |||
clientId = "outline"; | |||
clientSecretFile = (builtins.elemAt config.services.dex.settings.staticClients 0).secretFile; | |||
scopes = [ "openid" "email" "profile" ]; | |||
usernameClaim = "preferred_username"; | |||
displayName = "Dex"; | |||
}; | |||
}; | |||
services.dex = { | |||
enable = true; | |||
settings = { | |||
issuer = "https://dex.example.tld"; | |||
storage.type = "sqlite3"; | |||
web.http = "127.0.0.1:5556"; | |||
staticClients = [ | |||
{ | |||
id = "outline"; | |||
name = "Outline Client"; | |||
redirectURIs = [ "https://outline.example.tld/auth/oidc.callback" ]; | |||
secretFile = "${pkgs.writeText "outline-oidc-secret" "test123"}"; | |||
} | |||
]; | |||
connectors = [ | |||
{ | |||
type = "mockPassword"; | |||
id = "mock"; | |||
name = "Test"; | |||
config = { | |||
# this is the dex user/pass combo to log into outline | |||
username = "testuser"; | |||
password = "pass123"; | |||
}; | |||
} | |||
]; | |||
}; | |||
}; | |||
</nowiki>}} | |||
== See also == | == See also == | ||