OIDC functional

2025-05-19 21:08:51 +02:00
parent 43fb8dcda6
commit 87f017fc42
6 changed files with 27 additions and 34 deletions


@ -3,6 +3,8 @@
Open Source web-based personal expenses tool. Open Source web-based personal expenses tool.
**Note :** This project does not handle authentication itself. Instead, it relies on OpenID to achieve users authentication.
## Setup prod env ## Setup prod env
1. Install prerequisites: 1. Install prerequisites:
1. docker 1. docker
@ -35,6 +37,8 @@ docker compose up
6. Checkout http://localhost:8000/ 6. Checkout http://localhost:8000/
> The default credentials are `admin` / `admin`
## Setup dev env ## Setup dev env
1. Install prerequisites: 1. Install prerequisites:
1. docker 1. docker


@ -4,4 +4,7 @@ DB_USER=db_user
DB_PASSWORD=db_password DB_PASSWORD=db_password
REDIS_PASS=redis_password REDIS_PASS=redis_password
WEBSITE_ORIGIN=http://localhost:8000 WEBSITE_ORIGIN=http://localhost:8000
APP_SECRET=secretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecret APP_SECRET=secretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecret
AUTH_SECRET_KEY=secretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecret
OIDC_CLIENT_ID=bar
OIDC_CLIENT_SECRET=foo
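Review bot: The added `AUTH_SECRET_KEY`, `OIDC_CLIENT_ID` and `OIDC_CLIENT_SECRET` entries ship fixed, guessable values, and the compose file in this commit forwards `AUTH_SECRET_KEY` to the provider as `TOKEN_KEY`. An install that copies this file unchanged would therefore run with secrets that anyone can read from the repository. If this is the sample env file (its path is not visible on this page), a comment above the new lines would help, for example `# Replace before deploying: generate each secret with e.g. openssl rand -hex 32`. What `TOKEN_KEY` protects is not shown here, but the name suggests token signing or encryption, in which case a publicly known value would undermine the integrity of issued tokens.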


@ -1,2 +1,3 @@
.env .env
storage storage
auth/users.json


@ -0,0 +1,5 @@
- id: ${OIDC_CLIENT_ID}
name: MoneyMgr
description: Money management tool
secret: ${OIDC_CLIENT_SECRET}
redirect_uri: ${APP_ORIGIN}/oidc_cb
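Review bot: The `${...}` placeholders in this new client definition are written as plain scalars, which is fragile if the provider substitutes the environment values before parsing the YAML (not visible from this page). In that case a secret containing `: ` or ` #`, or one made only of digits, would be split, truncated or retyped. Quoting the templated values avoids that: `id: "${OIDC_CLIENT_ID}"`, `secret: "${OIDC_CLIENT_SECRET}"`, `redirect_uri: "${APP_ORIGIN}/oidc_cb"`. A one-line comment at the top stating that the three variables are supplied through the compose `environment:` block would also document where they come from.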


@ -1,27 +0,0 @@
issuer: http://localhost:9001/dex
storage:
type: memory
web:
http: 0.0.0.0:9001
oauth2:
# Automate some clicking
# Note: this might actually make some tests pass that otherwise wouldn't.
skipApprovalScreen: false
connectors:
# Note: this might actually make some tests pass that otherwise wouldn't.
- type: mockCallback
id: mock
name: Example
# Basic OP test suite requires two clients.
staticClients:
- id: foo
secret: bar
redirectURIs:
- http://localhost:8000/oidc_cb
name: Project


@ -29,15 +29,22 @@ services:
- ./storage/db:/var/lib/postgresql/data - ./storage/db:/var/lib/postgresql/data
oidc: oidc:
image: dexidp/dex image: pierre42100/basic_oidc
user: "1000" user: "1000"
environment:
- LISTEN_ADDRESS=0.0.0.0:9001
- STORAGE_PATH=/storage
- TOKEN_KEY=$AUTH_SECRET_KEY
- WEBSITE_ORIGIN=http://localhost:9001
- OIDC_CLIENT_ID=$OIDC_CLIENT_ID
- OIDC_CLIENT_SECRET=$OIDC_CLIENT_SECRET
- APP_ORIGIN=$WEBSITE_ORIGIN
expose: expose:
- 9001 - 9001
ports: ports:
- 9001:9001 - 9001:9001
volumes: volumes:
- ./dex:/conf:ro - ./auth:/storage
command: [ "dex", "serve", "/conf/dex.config.yaml" ]
redis: redis:
image: redis:alpine image: redis:alpine
@ -61,10 +68,10 @@ services:
- DB_USERNAME=$DB_USER - DB_USERNAME=$DB_USER
- DB_PASSWORD=$DB_PASSWORD - DB_PASSWORD=$DB_PASSWORD
- DB_NAME=moneymgr - DB_NAME=moneymgr
- OIDC_CONFIGURATION_URL=http://oidc:9001/dex/.well-known/openid-configuration - OIDC_CONFIGURATION_URL=http://oidc:9001/.well-known/openid-configuration
- OIDC_PROVIDER_NAME=OIDC - OIDC_PROVIDER_NAME=OIDC
- OIDC_CLIENT_ID=foo - OIDC_CLIENT_ID=$OIDC_CLIENT_ID
- OIDC_CLIENT_SECRET=bar - OIDC_CLIENT_SECRET=$OIDC_CLIENT_SECRET
- S3_ENDPOINT=http://minio:9000 - S3_ENDPOINT=http://minio:9000
- S3_ACCESS_KEY=$MINIO_ROOT_USER - S3_ACCESS_KEY=$MINIO_ROOT_USER
- S3_SECRET_KEY=$MINIO_ROOT_PASSWORD - S3_SECRET_KEY=$MINIO_ROOT_PASSWORD
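Review bot: The new `image: pierre42100/basic_oidc` in the `oidc` service (first hunk) has no tag or digest, so every pull takes whatever `latest` currently is for the component that issues identity tokens. Pinning it, e.g. `image: pierre42100/basic_oidc:<tag>@sha256:<digest>` (placeholders, to be filled with the reviewed release), makes upgrades deliberate and reviewable. The same service keeps `9001:9001`, which publishes the provider on all host interfaces. Since the README change in this commit documents default credentials `admin` / `admin` (presumably for this provider), `"127.0.0.1:9001:9001"` would be a safer default for the setup described.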