andreas/synapse-app-mas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add MAS keys directory

Browse Source
This commit is contained in:
Your Name
2025-12-01 08:35:06 -06:00
parent b765d40446
commit 92a271ede9
2 changed files with 5 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
mas/mas-config.template.yaml
View File

@@ -49,3 +49,5 @@ assets:
manifest: "/app/pkg/mas/share/manifest.json" manifest: "/app/pkg/mas/share/manifest.json"
policy: "/app/pkg/mas/share/policy.wasm" policy: "/app/pkg/mas/share/policy.wasm"
translations: "/app/pkg/mas/share/translations" translations: "/app/pkg/mas/share/translations"
secrets:
keys_dir: "/app/data/configs/mas-keys"

4
start.sh
View File

@@ -3,6 +3,7 @@
set -eu set -eu
mkdir -p /app/data/data /app/data/configs /run/synapse mkdir -p /app/data/data /app/data/configs /run/synapse
mkdir -p "${MAS_KEYS_DIR}"
source /app/code/env/bin/activate source /app/code/env/bin/activate
@@ -12,6 +13,7 @@ MAS_SECRET_FILE=/app/data/configs/mas-client-secret
MAS_CONFIG_TEMPLATE=/app/pkg/mas/mas-config.template.yaml MAS_CONFIG_TEMPLATE=/app/pkg/mas/mas-config.template.yaml
MAS_CONFIG_OUTPUT=/app/data/configs/mas.yaml MAS_CONFIG_OUTPUT=/app/data/configs/mas.yaml
MAS_CLI_BIN=/app/pkg/mas/mas-cli MAS_CLI_BIN=/app/pkg/mas/mas-cli
MAS_KEYS_DIR=/app/data/configs/mas-keys
MAS_OIDC_CLIENT_ID=${MAS_OIDC_CLIENT_ID:-synapse} MAS_OIDC_CLIENT_ID=${MAS_OIDC_CLIENT_ID:-synapse}
MAS_OIDC_ISSUER=${MAS_OIDC_ISSUER:-https://${MAS_DOMAIN}} MAS_OIDC_ISSUER=${MAS_OIDC_ISSUER:-https://${MAS_DOMAIN}}
MAS_OIDC_AUTH_ENDPOINT=${MAS_OIDC_AUTH_ENDPOINT:-${MAS_OIDC_ISSUER}/oauth2/authorize} MAS_OIDC_AUTH_ENDPOINT=${MAS_OIDC_AUTH_ENDPOINT:-${MAS_OIDC_ISSUER}/oauth2/authorize}
@@ -19,7 +21,7 @@ MAS_OIDC_TOKEN_ENDPOINT=${MAS_OIDC_TOKEN_ENDPOINT:-${MAS_OIDC_ISSUER}/oauth2/tok
MAS_OIDC_USERINFO_ENDPOINT=${MAS_OIDC_USERINFO_ENDPOINT:-${MAS_OIDC_ISSUER}/oauth2/userinfo} MAS_OIDC_USERINFO_ENDPOINT=${MAS_OIDC_USERINFO_ENDPOINT:-${MAS_OIDC_ISSUER}/oauth2/userinfo}
MAS_OIDC_SCOPES=${MAS_OIDC_SCOPES:-"openid profile email"} MAS_OIDC_SCOPES=${MAS_OIDC_SCOPES:-"openid profile email"}
export MAS_PORT MAS_DOMAIN MAS_CONFIG_TEMPLATE MAS_CONFIG_OUTPUT MAS_CLI_BIN export MAS_PORT MAS_DOMAIN MAS_CONFIG_TEMPLATE MAS_CONFIG_OUTPUT MAS_CLI_BIN
export MAS_OIDC_CLIENT_ID MAS_OIDC_CLIENT_SECRET MAS_OIDC_ISSUER MAS_OIDC_AUTH_ENDPOINT MAS_OIDC_TOKEN_ENDPOINT MAS_OIDC_USERINFO_ENDPOINT MAS_OIDC_SCOPES export MAS_OIDC_CLIENT_ID MAS_OIDC_CLIENT_SECRET MAS_OIDC_ISSUER MAS_OIDC_AUTH_ENDPOINT MAS_OIDC_TOKEN_ENDPOINT MAS_OIDC_USERINFO_ENDPOINT MAS_OIDC_SCOPES MAS_KEYS_DIR
# ensure we have a persistent MAS client secret for the Synapse OIDC client # ensure we have a persistent MAS client secret for the Synapse OIDC client
if [[ -f "${MAS_SECRET_FILE}" ]]; then if [[ -f "${MAS_SECRET_FILE}" ]]; then