From 901665769919b1ba99774667d7ce3abd63b99e28 Mon Sep 17 00:00:00 2001 From: soraefir Date: Sun, 10 May 2026 19:34:46 +0200 Subject: [PATCH] import cert --- modules/server/containers/apps/nextcloud.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/modules/server/containers/apps/nextcloud.nix b/modules/server/containers/apps/nextcloud.nix index bc83957..ecdca41 100644 --- a/modules/server/containers/apps/nextcloud.nix +++ b/modules/server/containers/apps/nextcloud.nix @@ -139,7 +139,8 @@ in { $OCC saml:config:set --idp-entityId="https://${serverCfg.containers.authentik.subdomain}.${serverCfg.hostDomain}" $OCC saml:config:set --idp-singleSignOnService.url="https://${serverCfg.containers.authentik.subdomain}.${serverCfg.hostDomain}/application/saml/${containerCfg.subdomain}/sso/binding/redirect/" $OCC saml:config:set --idp-singleLogoutService.url="https://${serverCfg.containers.authentik.subdomain}.${serverCfg.hostDomain}/application/saml/${containerCfg.subdomain}/slo/binding/redirect/" - $OCC saml:config:set --idp-x509cert="MII..." + AUTHENTIK_CERT=$(psql -h localhost -U authentik_user -d authentik_db -t -c "SELECT certificate_data FROM authentik_crypto_certificatekeypair WHERE name = 'authentik Self-signed Certificate';" | sed '/---/d' | tr -d '+ \n') + $OCC saml:config:set --idp-x509cert="$AUTHENTIK_CERT" $OCC saml:config:set --saml-attribute-mapping-displayName_mapping="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" $OCC saml:config:set --saml-attribute-mapping-email_mapping="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"