Simplify docker autoconfig with env vars

okvpn · Sep 10, 2023 · bbd519b · bbd519b
1 parent 834320f
commit bbd519b
Show file tree

Hide file tree

Showing 2 changed files with 125 additions and 0 deletions.
diff --git a/.env b/.env
@@ -59,6 +59,35 @@ TRUSTED_HOSTS=
 # When Using a Reverse Proxy
 #TRUSTED_PROXIES=172.16.0.0/12
 
+###> packeton/oauth2 ###
+# GitLab
+# OAUTH_GITLAB_CLIENT_ID=
+# OAUTH_GITLAB_CLIENT_SECRET=
+# OAUTH_GITLAB_ALLOW_LOGIN=
+# OAUTH_GITLAB_ALLOW_REGISTRATION=
+# OAUTH_GITLAB_BASE_URL=
+# OAUTH_GITLAB_DISABLE_ORG_HOOK=
+# OAUTH_GITLAB_DISABLE_REP_HOOK=
+
+# GitHub
+# OAUTH_GITHUB_CLIENT_ID=
+# OAUTH_GITHUB_CLIENT_SECRET=
+# OAUTH_GITHUB_ALLOW_LOGIN=
+# OAUTH_GITHUB_ALLOW_REGISTRATION=
+# OAUTH_GITHUB_BASE_URL=
+# OAUTH_GITHUB_DISABLE_ORG_HOOK=
+# OAUTH_GITHUB_DISABLE_REP_HOOK=
+
+# Gitea / BITBUCKET
+# Use OAUTH_* prefix like GitLab/GitHub
+
+# Google SSO
+# OAUTH_GOOGLE_CLIENT_ID=
+# OAUTH_GOOGLE_CLIENT_SECRET=
+# OAUTH_GOOGLE_ALLOW_REGISTRATION=
+
+###< packeton/oauth2 ###
+
 ###> zipball storage ###
 STORAGE_SOURCE=local
 

diff --git a/config/packages/docker-resolve.yaml b/config/packages/docker-resolve.yaml
@@ -0,0 +1,96 @@
+resolve:
+# Symfony customization, @see Packeton\DependencyInjection\Resolve\ResolveExtension
+# deferred config loading depending on env vars
+# !After change env need to clear cache!
+    google_integration:
+        expression: 'env("OAUTH_GOOGLE_CLIENT_ID")'
+        parameters:
+            env(OAUTH_GOOGLE_ALLOW_REGISTRATION): false
+        packeton:
+            integrations:
+                google:
+                    allow_login: true # this integration makes no sense with false
+                    allow_register: '%env(bool:OAUTH_GOOGLE_ALLOW_REGISTRATION)%'
+                    google:
+                        client_id: '%env(OAUTH_GOOGLE_CLIENT_ID)%'
+                        client_secret: '%env(OAUTH_GOOGLE_CLIENT_SECRET)%'
+
+    github_integration:
+        expression: 'env("OAUTH_GITHUB_CLIENT_ID")'
+        parameters:
+            env(OAUTH_GITHUB_ALLOW_LOGIN): false
+            env(OAUTH_GITHUB_ALLOW_REGISTRATION): false
+            env(OAUTH_GITHUB_BASE_URL): null
+            env(OAUTH_GITHUB_DISABLE_ORG_HOOK): false
+            env(OAUTH_GITHUB_DISABLE_REP_HOOK): false
+        packeton:
+            integrations:
+                github:
+                    allow_login: '%env(bool:OAUTH_GITHUB_ALLOW_LOGIN)%'
+                    allow_register: '%env(bool:OAUTH_GITHUB_ALLOW_REGISTRATION)%'
+                    base_url: '%env(OAUTH_GITHUB_BASE_URL)%'
+                    disable_hook_repos: '%env(bool:OAUTH_GITHUB_DISABLE_ORG_HOOK)%'
+                    disable_hook_org: '%env(bool:OAUTH_GITHUB_DISABLE_ORG_HOOK)%'
+                    github:
+                        client_id: '%env(OAUTH_GITHUB_CLIENT_ID)%'
+                        client_secret: '%env(OAUTH_GITHUB_CLIENT_SECRET)%'
+
+    gitlab_integration:
+        expression: 'env("OAUTH_GITLAB_CLIENT_ID")'
+        parameters:
+            env(OAUTH_GITLAB_ALLOW_LOGIN): false
+            env(OAUTH_GITLAB_ALLOW_REGISTRATION): false
+            env(OAUTH_GITLAB_BASE_URL): null
+            env(OAUTH_GITLAB_DISABLE_ORG_HOOK): false
+            env(OAUTH_GITLAB_DISABLE_REP_HOOK): false
+        packeton:
+            integrations:
+                gitlab:
+                    allow_login: '%env(bool:OAUTH_GITLAB_ALLOW_LOGIN)%'
+                    allow_register: '%env(bool:OAUTH_GITLAB_ALLOW_REGISTRATION)%'
+                    base_url: '%env(OAUTH_GITLAB_BASE_URL)%'
+                    disable_hook_repos: '%env(bool:OAUTH_GITLAB_DISABLE_ORG_HOOK)%'
+                    disable_hook_org: '%env(bool:OAUTH_GITLAB_DISABLE_ORG_HOOK)%'
+                    gitlab:
+                        client_id: '%env(OAUTH_GITLAB_CLIENT_ID)%'
+                        client_secret: '%env(OAUTH_GITLAB_CLIENT_SECRET)%'
+
+    gitea_integration:
+        expression: 'env("OAUTH_GITEA_CLIENT_ID")'
+        parameters:
+            env(OAUTH_GITEA_ALLOW_LOGIN): false
+            env(OAUTH_GITEA_ALLOW_REGISTRATION): false
+            env(OAUTH_GITEA_BASE_URL): null
+            env(OAUTH_GITEA_DISABLE_ORG_HOOK): false
+            env(OAUTH_GITEA_DISABLE_REP_HOOK): false
+        packeton:
+            integrations:
+                gitea:
+                    allow_login: '%env(bool:OAUTH_GITEA_ALLOW_LOGIN)%'
+                    allow_register: '%env(bool:OAUTH_GITEA_ALLOW_REGISTRATION)%'
+                    base_url: '%env(OAUTH_GITEA_BASE_URL)%'
+                    disable_hook_repos: '%env(bool:OAUTH_GITEA_DISABLE_ORG_HOOK)%'
+                    disable_hook_org: '%env(bool:OAUTH_GITEA_DISABLE_ORG_HOOK)%'
+                    gitea:
+                        client_id: '%env(OAUTH_GITEA_CLIENT_ID)%'
+                        client_secret: '%env(OAUTH_GITEA_CLIENT_SECRET)%'
+
+    bitbucket_integration:
+        expression: 'env("OAUTH_BITBUCKET_CLIENT_ID")'
+        parameters:
+            env(OAUTH_BITBUCKET_ALLOW_LOGIN): false
+            env(OAUTH_BITBUCKET_ALLOW_REGISTRATION): false
+            env(OAUTH_BITBUCKET_BASE_URL): null
+            env(OAUTH_BITBUCKET_DISABLE_ORG_HOOK): false
+            env(OAUTH_BITBUCKET_DISABLE_REP_HOOK): false
+        packeton:
+            integrations:
+                bitbucket:
+                    allow_login: '%env(bool:OAUTH_BITBUCKET_ALLOW_LOGIN)%'
+                    allow_register: '%env(bool:OAUTH_BITBUCKET_ALLOW_REGISTRATION)%'
+                    base_url: '%env(OAUTH_BITBUCKET_BASE_URL)%'
+                    disable_hook_repos: '%env(bool:OAUTH_BITBUCKET_DISABLE_ORG_HOOK)%'
+                    disable_hook_org: '%env(bool:OAUTH_BITBUCKET_DISABLE_ORG_HOOK)%'
+                    bitbucket:
+                        client_id: '%env(OAUTH_BITBUCKET_CLIENT_ID)%'
+                        client_secret: '%env(OAUTH_BITBUCKET_CLIENT_SECRET)%'