sora/nixconfig
1
0
Fork 1
Code Issues 2 Pull Requests Actions Releases Activity
Files
f5f28968c6680545f1a6f1b784d3763dc74895f1
nixconfig/modules/server/containers/data/authentik/nextcloud.yaml
soraefir f5f28968c6 test blueprint fix
2026-05-10 18:58:13 +02:00

79 lines
2.5 KiB
YAML
Raw Blame History

version: 1
metadata:
name: nextcloud-saml-setup
entries:
# 1. Create the SAML Provider
- model: authentik_providers_saml.samlprovider
identifiers:
name: Nextcloud SAML
attrs:
authorization_flow:
!Find [
authentik_flows.flow,
[slug, default-provider-authorization-explicit-consent],
]
invalidation_flow:
!Find [authentik_flows.flow, [slug, default-provider-invalidation-flow]]
# Adjust these URLs to match your Nextcloud domain
acs_url: https://@NEXTCLOUD_DOMAIN@/apps/user_saml/saml/acs
audience: https://@NEXTCLOUD_DOMAIN@/apps/user_saml/saml/metadata
issuer: https://@AUTHENTIK_DOMAIN@
sp_binding: post
# Map the attributes for Name, Email, and Groups
property_mappings:
- !Find [
authentik_core.propertymapping,
[name, "authentik default SAML Mapping: Name"],
]
- !Find [
authentik_core.propertymapping,
[name, "authentik default SAML Mapping: Email"],
]
- !Find [
authentik_core.propertymapping,
[name, "authentik default SAML Mapping: Groups"],
]
# - !Find [
# authentik_providers_saml.samlpropertymapping,
# [managed, "goauthentik.io/providers/saml/ms-name"],
# ]
# - !Find [
# authentik_providers_saml.samlpropertymapping,
# [managed, "goauthentik.io/providers/saml/ms-email"],
# ]
# - !Find [
# authentik_providers_saml.samlpropertymapping,
# [managed, "goauthentik.io/providers/saml/ms-groups"],
# ]
# - !Find [
# authentik_core.propertymapping,
# [managed, goauthentik.io/providers/saml/ms-name],
# ]
# - !Find [
# authentik_core.propertymapping,
# [managed, goauthentik.io/providers/saml/ms-email],
# ]
# - !Find [
# authentik_core.propertymapping,
# [managed, goauthentik.io/providers/saml/ms-groups],
# ]
# Select your signing certificate (default is usually self-signed)
signing_kp:
!Find [
authentik_crypto.certificatekeypair,
[name, "authentik Self-signed Certificate"],
]
# 2. Create the Application
- model: authentik_core.application
identifiers:
slug: nextcloud
attrs:
name: Nextcloud
provider:
!Find [authentik_providers_saml.samlprovider, [name, Nextcloud SAML]]
group: "Cloud Services"
Reference in New Issue View Git Blame Copy Permalink