mirror of https://github.com/FreshRSS/FreshRSS.git
Prepare Alpine OIDC (#5764)
* Prepare Alpine OIDC * Prepare syntax for OpenID Connect in Alpine. * Update :newest Alpine development image to PHP 8.3 * Fix a little bug in test of OIDC_SCOPES * Changelog + syntax * shellchecks
This commit is contained in:
parent
b228342b2f
commit
51a95afdbb
|
@ -5,7 +5,7 @@
|
|||
* Bug fixing
|
||||
* Fix regression in i18n English fallback for extensions [#5752](https://github.com/FreshRSS/FreshRSS/pull/5752)
|
||||
* Fix identification of thumbnails [#5750](https://github.com/FreshRSS/FreshRSS/pull/5750)
|
||||
* OpenID Connect compatibility with colon `:` in `OIDC_SCOPES` [#5753](https://github.com/FreshRSS/FreshRSS/pull/5753)
|
||||
* OpenID Connect compatibility with colon `:` in `OIDC_SCOPES` [#5753](https://github.com/FreshRSS/FreshRSS/pull/5753), [#5764](https://github.com/FreshRSS/FreshRSS/pull/5764)
|
||||
* Avoid a warning on non-numeric `TRUSTED_PROXY` environment variable [#5733](https://github.com/FreshRSS/FreshRSS/pull/5733)
|
||||
* Better identification of proxied client IP with `RemoteIPInternalProxy` in Apache [#5740](https://github.com/FreshRSS/FreshRSS/pull/5740)
|
||||
* i18n
|
||||
|
@ -15,6 +15,10 @@
|
|||
* Improve *Origine* theme (dark mode) [#5745](https://github.com/FreshRSS/FreshRSS/pull/5745)
|
||||
* Improve *Nord* theme [#5754](https://github.com/FreshRSS/FreshRSS/pull/5754)
|
||||
* Various UI and style improvements [#5737](https://github.com/FreshRSS/FreshRSS/pull/5737)
|
||||
* Deployment
|
||||
* Docker: Upgraded Alpine dev image `freshrss/freshrss:newest` to PHP 8.3 [#5764](https://github.com/FreshRSS/FreshRSS/pull/5764)
|
||||
* Compatibility
|
||||
* Test compatibility with PHP 8.3 [#5764](https://github.com/FreshRSS/FreshRSS/pull/5764)
|
||||
* Misc.
|
||||
* Move to GitHub Actions for our GitHub Pages [#5681](https://github.com/FreshRSS/FreshRSS/pull/5681)
|
||||
|
||||
|
|
|
@ -5,11 +5,11 @@ SHELL ["/bin/ash", "-eo", "pipefail", "-c"]
|
|||
RUN echo 'http://dl-cdn.alpinelinux.org/alpine/edge/testing' >> /etc/apk/repositories && \
|
||||
apk add --no-cache \
|
||||
tzdata \
|
||||
apache2 php82-apache2 \
|
||||
apache2 php83-apache2 \
|
||||
apache-mod-auth-openidc \
|
||||
php82 php82-curl php82-gmp php82-intl php82-mbstring php82-xml php82-zip \
|
||||
php82-ctype php82-dom php82-fileinfo php82-iconv php82-json php82-opcache php82-openssl php82-phar php82-session php82-simplexml php82-xmlreader php82-xmlwriter php82-xml php82-tokenizer php82-zlib \
|
||||
php82-pdo_sqlite php82-pdo_mysql php82-pdo_pgsql
|
||||
php83 php83-curl php83-gmp php83-intl php83-mbstring php83-xml php83-zip \
|
||||
php83-ctype php83-dom php83-fileinfo php83-iconv php83-json php83-opcache php83-openssl php83-phar php83-session php83-simplexml php83-xmlreader php83-xmlwriter php83-xml php83-tokenizer php83-zlib \
|
||||
php83-pdo_sqlite php83-pdo_mysql php83-pdo_pgsql
|
||||
|
||||
RUN mkdir -p /var/www/FreshRSS /run/apache2/
|
||||
WORKDIR /var/www/FreshRSS
|
||||
|
@ -41,8 +41,9 @@ RUN rm -f /etc/apache2/conf.d/languages.conf /etc/apache2/conf.d/info.conf \
|
|||
/etc/apache2/httpd.conf && \
|
||||
sed -r -i "/^\s*(CustomLog|ErrorLog|Listen) /s/^/#/" \
|
||||
/etc/apache2/httpd.conf && \
|
||||
if [ ! -f /usr/bin/php ]; then ln -s /usr/bin/php82 /usr/bin/php; else true; fi && \
|
||||
echo 'memory_limit = 256M' > /etc/php82/conf.d/10_memory.ini && \
|
||||
mv /etc/apache2/conf.d/mod-auth-openidc.conf /etc/apache2/conf.d/mod-auth-openidc.conf.bak && \
|
||||
if [ ! -f /usr/bin/php ]; then ln -s /usr/bin/php83 /usr/bin/php; else true; fi && \
|
||||
echo 'memory_limit = 256M' > /etc/php83/conf.d/10_memory.ini && \
|
||||
# Disable built-in updates when using Docker, as the full image is supposed to be updated instead.
|
||||
sed -r -i "\\#disable_update#s#^.*#\t'disable_update' => true,#" ./config.default.php && \
|
||||
touch /var/www/FreshRSS/Docker/env.txt && \
|
||||
|
|
|
@ -22,9 +22,12 @@ if [ -n "$TRUSTED_PROXY" ]; then
|
|||
fi
|
||||
|
||||
if [ -n "$OIDC_ENABLED" ] && [ "$OIDC_ENABLED" -ne 0 ]; then
|
||||
a2enmod -q auth_openidc
|
||||
if [ -n "$OIDC_ENABLED" ]; then
|
||||
# Compatibility with : as separator instead of space:
|
||||
# Debian
|
||||
(which a2enmod >/dev/null && a2enmod -q auth_openidc) ||
|
||||
# Alpine
|
||||
(mv /etc/apache2/conf.d/mod-auth-openidc.conf.bak /etc/apache2/conf.d/mod-auth-openidc.conf && echo 'Enabling module auth_openidc.')
|
||||
if [ -n "$OIDC_SCOPES" ]; then
|
||||
# Compatibility with : as separator instead of space
|
||||
OIDC_SCOPES=$(echo "$OIDC_SCOPES" | tr ':' ' ')
|
||||
export OIDC_SCOPES
|
||||
fi
|
||||
|
|
Loading…
Reference in New Issue