Outline: Difference between revisions

Line 84:

== Setup with Nginx ==

Similar as before but this time with Nginx handling SSL

Similar as before but this time with Nginx handling SSL. We are also going to use a better way of adding static passwords in our configuration. Previous example used the <code>mockPassword</code> connector, which is [https://github.com/dexidp/dex/blob/8e07edc188222fed79a6db7c8e3e57e6d8e82df7/server/server.go#L566 an undocumented configuration option] in Dex, used solely to [https://github.com/dexidp/dex/blob/8e07edc188222fed79a6db7c8e3e57e6d8e82df7/server/handlers_test.go#L250 run some tests]. In the following example the [https://dexidp.io/docs/connectors/local/ staticPasswords] configuration is used instead, this allows using a hash for the password instead of clear text. This also allows setting a real email to the users which can be used to send notifications if an SMTP server is configured (e.g. <code>AWS SES, Postmark, Sendgrid</code>) through [https://search.nixos.org/options?channel=23.11&from=0&size=50&sort=relevance&type=packages&query=services.outline.smtp services.outline.smtp].

Keep in mind, if you created your first user with the previous method (mockPassword), that user is your only <code>admin</code> user and you need to keep it around in order to confer <code>admin</code> privileges to the next user.

{{file|/etc/nixos/configuration.nix|nix|<nowiki>

Line 120:

Line 122:

enable = true;

publicUrl = "https://outline.example.tld";

port = 3003; # using 3003 instead of default 3000

port = 3003; # using 3003 instead of default 3000 just in case another service is already using 3000

forceHttps = false;

storage.storageType = "local";

Line 149:

Line 151:

}

];

~~connectors~~ = [

staticPasswords = [

{

~~type~~ = "~~mockPassword~~";

email = "user.email@example.com";

~~id =~~ "~~mock~~";

# bcrypt hash of the string "password": $(echo password | htpasswd -BinC 10 admin | cut -d: -f2)

~~name~~ = "~~Test~~";

hash = "10$TDh68T5XUK10$TDh68T5XUK10$TDh68T5XUK";

~~config = {~~

username = "test";

~~# this is the dex user/pass combo to log into outline~~

# easily generated with `$ uuidgen`

username = "~~testuser~~";

userID = "6D196B03-8A28-4D6E-B849-9298168CBA34";

~~password~~ = "~~pass123~~";

};

}

];

};

Line 169:

== Reminder ==

If you see an error that says something like `option "services.outline.storage.storageType" does not exist"` you may need to update your channels (`nix-channel --update`)

If you see an error that says something like <code>option "services.outline.storage.storageType" does not exist"</code> you may need to update your channels (<code>nix-channel --update</code>)

== See also ==

@@ Line 84: / Line 84: @@
 == Setup with Nginx ==
-Similar as before but this time with Nginx handling SSL
+Similar as before but this time with Nginx handling SSL. We are also going to use a better way of adding static passwords in our configuration. Previous example used the <code>mockPassword</code> connector, which is [https://github.com/dexidp/dex/blob/8e07edc188222fed79a6db7c8e3e57e6d8e82df7/server/server.go#L566 an undocumented configuration option] in Dex, used solely to [https://github.com/dexidp/dex/blob/8e07edc188222fed79a6db7c8e3e57e6d8e82df7/server/handlers_test.go#L250 run some tests]. In the following example the [https://dexidp.io/docs/connectors/local/ staticPasswords] configuration is used instead, this allows using a hash for the password instead of clear text. This also allows setting a real email to the users which can be used to send notifications if an SMTP server is configured (e.g. <code>AWS SES, Postmark, Sendgrid</code>) through [https://search.nixos.org/options?channel=23.11&from=0&size=50&sort=relevance&type=packages&query=services.outline.smtp services.outline.smtp].
+Keep in mind, if you created your first user with the previous method (mockPassword), that user is your only <code>admin</code> user and you need to keep it around in order to confer <code>admin</code> privileges to the next user.
 {{file|/etc/nixos/configuration.nix|nix|<nowiki>
@@ Line 120: / Line 122: @@
      enable = true;
      publicUrl = "https://outline.example.tld";
-     port = 3003; # using 3003 instead of default 3000
+     port = 3003; # using 3003 instead of default 3000 just in case another service is already using 3000
      forceHttps = false;
      storage.storageType = "local";
@@ Line 149: / Line 151: @@
          }
        ];
-       connectors = [
+       staticPasswords = [
          {
-           type = "mockPassword";
+           email = "user.email@example.com";
-           id = "mock";
+           # bcrypt hash of the string "password": $(echo password | htpasswd -BinC 10 admin | cut -d: -f2)
-           name = "Test";
+           hash = "10$TDh68T5XUK10$TDh68T5XUK10$TDh68T5XUK";
-           config = {
+           username = "test";
-            # this is the dex user/pass combo to log into outline
+          # easily generated with `$ uuidgen`
-            username = "testuser";
+          userID = "6D196B03-8A28-4D6E-B849-9298168CBA34";
-            password = "pass123";
-          };
          }
        ];
      };
    };
@@ Line 169: / Line 169: @@
 == Reminder ==
-If you see an error that says something like `option "services.outline.storage.storageType" does not exist"` you may need to update your channels (`nix-channel --update`)
+If you see an error that says something like <code>option "services.outline.storage.storageType" does not exist"</code> you may need to update your channels (<code>nix-channel --update</code>)
 == See also ==