dawarich/.env.template

# OAuth Configuration

# GitHub OAuth
GITHUB_OAUTH_CLIENT_ID=
GITHUB_OAUTH_CLIENT_SECRET=

# Google OAuth2
GOOGLE_OAUTH_CLIENT_ID=
GOOGLE_OAUTH_CLIENT_SECRET=

# Generic OpenID Connect (for Authelia, Authentik, Keycloak, etc.)
# Option 1: Using OIDC Discovery (Recommended)
# Set OIDC_ISSUER to your provider's issuer URL (e.g., https://auth.example.com)
# The provider must support OpenID Connect Discovery (.well-known/openid-configuration)
OIDC_CLIENT_ID=
OIDC_CLIENT_SECRET=
OIDC_ISSUER=
OIDC_REDIRECT_URI=

# Option 2: Manual Endpoint Configuration (if discovery is not supported)
# Use this if your provider doesn't support OIDC discovery
# OIDC_CLIENT_ID=
# OIDC_CLIENT_SECRET=
# OIDC_HOST=auth.example.com
# OIDC_SCHEME=https
# OIDC_PORT=443
# OIDC_AUTHORIZATION_ENDPOINT=/authorize
# OIDC_TOKEN_ENDPOINT=/token
# OIDC_USERINFO_ENDPOINT=/userinfo
# OIDC_REDIRECT_URI=https://yourdomain.com/users/auth/openid_connect/callback

# Example configurations:
#
# Authelia:
# OIDC_ISSUER=https://auth.example.com
# OIDC_CLIENT_ID=your-client-id
# OIDC_CLIENT_SECRET=your-client-secret
# OIDC_REDIRECT_URI=https://dawarich.example.com/users/auth/openid_connect/callback
#
# Authentik:
# OIDC_ISSUER=https://authentik.example.com/application/o/dawarich/
# OIDC_CLIENT_ID=your-client-id
# OIDC_CLIENT_SECRET=your-client-secret
# OIDC_REDIRECT_URI=https://dawarich.example.com/users/auth/openid_connect/callback
#
# Keycloak:
# OIDC_ISSUER=https://keycloak.example.com/realms/your-realm
# OIDC_CLIENT_ID=dawarich
# OIDC_CLIENT_SECRET=your-client-secret
# OIDC_REDIRECT_URI=https://dawarich.example.com/users/auth/openid_connect/callback
Implement OIDC authentication for Dawarich using omniauth_openid_connect gem. 2025-10-26 13:10:48 -04:00			`# OAuth Configuration`

			`# GitHub OAuth`
			`GITHUB_OAUTH_CLIENT_ID=`
			`GITHUB_OAUTH_CLIENT_SECRET=`

			`# Google OAuth2`
			`GOOGLE_OAUTH_CLIENT_ID=`
			`GOOGLE_OAUTH_CLIENT_SECRET=`

			`# Generic OpenID Connect (for Authelia, Authentik, Keycloak, etc.)`
			`# Option 1: Using OIDC Discovery (Recommended)`
			`# Set OIDC_ISSUER to your provider's issuer URL (e.g., https://auth.example.com)`
			`# The provider must support OpenID Connect Discovery (.well-known/openid-configuration)`
			`OIDC_CLIENT_ID=`
			`OIDC_CLIENT_SECRET=`
			`OIDC_ISSUER=`
			`OIDC_REDIRECT_URI=`

			`# Option 2: Manual Endpoint Configuration (if discovery is not supported)`
			`# Use this if your provider doesn't support OIDC discovery`
			`# OIDC_CLIENT_ID=`
			`# OIDC_CLIENT_SECRET=`
			`# OIDC_HOST=auth.example.com`
			`# OIDC_SCHEME=https`
			`# OIDC_PORT=443`
			`# OIDC_AUTHORIZATION_ENDPOINT=/authorize`
			`# OIDC_TOKEN_ENDPOINT=/token`
			`# OIDC_USERINFO_ENDPOINT=/userinfo`
			`# OIDC_REDIRECT_URI=https://yourdomain.com/users/auth/openid_connect/callback`

			`# Example configurations:`
			`#`
			`# Authelia:`
			`# OIDC_ISSUER=https://auth.example.com`
			`# OIDC_CLIENT_ID=your-client-id`
			`# OIDC_CLIENT_SECRET=your-client-secret`
			`# OIDC_REDIRECT_URI=https://dawarich.example.com/users/auth/openid_connect/callback`
			`#`
			`# Authentik:`
			`# OIDC_ISSUER=https://authentik.example.com/application/o/dawarich/`
			`# OIDC_CLIENT_ID=your-client-id`
			`# OIDC_CLIENT_SECRET=your-client-secret`
			`# OIDC_REDIRECT_URI=https://dawarich.example.com/users/auth/openid_connect/callback`
			`#`
			`# Keycloak:`
			`# OIDC_ISSUER=https://keycloak.example.com/realms/your-realm`
			`# OIDC_CLIENT_ID=dawarich`
			`# OIDC_CLIENT_SECRET=your-client-secret`
			`# OIDC_REDIRECT_URI=https://dawarich.example.com/users/auth/openid_connect/callback`