From a024c993aff1c4714814c3a6d7c4ae551dc08c67 Mon Sep 17 00:00:00 2001
From: LRVT <21357789+l4rm4nd@users.noreply.github.com>
Date: Tue, 13 Aug 2024 11:50:49 +0200
Subject: [PATCH] chore: add optional SSO envs

---
 examples/hedgedoc/docker-compose.yml | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/examples/hedgedoc/docker-compose.yml b/examples/hedgedoc/docker-compose.yml
index 1623232..3da5563 100644
--- a/examples/hedgedoc/docker-compose.yml
+++ b/examples/hedgedoc/docker-compose.yml
@@ -26,6 +26,19 @@ services:
       - CMD_SESSION_SECRET="discolor-subtitle-seducing-result-ceramics" # define secret
       - CMD_ALLOW_EMAIL_REGISTER="false" # disallow registration
       - CMD_EMAIL="false" # disallow login; only guest notes
+      # ------- OAUTH SSO -------
+      # see https://docs.goauthentik.io/integrations/services/hedgedoc/
+      #- CMD_ALLOW_ANONYMOUS_EDITS=False
+      #- CMD_OAUTH2_USER_PROFILE_URL=https://authentik.example.com/application/o/userinfo/
+      #- CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR=preferred_username
+      #- CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR=name
+      #- CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR=email
+      #- CMD_OAUTH2_TOKEN_URL=https://authentik.example.com/application/o/token/
+      #- CMD_OAUTH2_AUTHORIZATION_URL=https://authentik.example.com/application/o/authorize/
+      #- CMD_OAUTH2_CLIENT_ID=<ID>
+      #- CMD_OAUTH2_CLIENT_SECRET=<SECRET>
+      #- CMD_OAUTH2_PROVIDERNAME=Authentik
+      #- CMD_OAUTH2_SCOPE=openid email profile
     volumes:
       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/hedgedoc/uploads:/hedgedoc/public/uploads
     ports: