From cb7459c286489c4811d376bbeb3cc59e9a1c0175 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Maciej=20Kr=C3=BCger?= Date: Mon, 18 Oct 2021 14:15:54 +0200 Subject: [PATCH] nixos/hedgedoc: add more options for oauth2 --- nixos/modules/services/web-apps/hedgedoc.nix | 63 ++++++++++++++++++++ 1 file changed, 63 insertions(+) diff --git a/nixos/modules/services/web-apps/hedgedoc.nix b/nixos/modules/services/web-apps/hedgedoc.nix index b434f16e9bdc..e0c00fe67ea3 100644 --- a/nixos/modules/services/web-apps/hedgedoc.nix +++ b/nixos/modules/services/web-apps/hedgedoc.nix @@ -539,6 +539,69 @@ in Specify the OAuth token URL. ''; }; + baseURL = mkOption { + type = with types; nullOr str; + default = null; + description = '' + Specify the OAuth base URL. + ''; + }; + userProfileURL = mkOption { + type = with types; nullOr str; + default = null; + description = '' + Specify the OAuth userprofile URL. + ''; + }; + userProfileUsernameAttr = mkOption { + type = with types; nullOr str; + default = null; + description = '' + Specify the name of the attribute for the username from the claim. + ''; + }; + userProfileDisplayNameAttr = mkOption { + type = with types; nullOr str; + default = null; + description = '' + Specify the name of the attribute for the display name from the claim. + ''; + }; + userProfileEmailAttr = mkOption { + type = with types; nullOr str; + default = null; + description = '' + Specify the name of the attribute for the email from the claim. + ''; + }; + scope = mkOption { + type = with types; nullOr str; + default = null; + description = '' + Specify the OAuth scope. + ''; + }; + providerName = mkOption { + type = with types; nullOr str; + default = null; + description = '' + Specify the name to be displayed for this strategy. + ''; + }; + rolesClaim = mkOption { + type = with types; nullOr str; + default = null; + description = '' + Specify the role claim name. + ''; + }; + accessRole = mkOption { + type = with types; nullOr str; + default = null; + description = '' + Specify role which should be included in the ID token roles claim to grant access + ''; + }; clientID = mkOption { type = types.str; description = ''