 | CodiMD | 216 Members |
| We run, support and develop the community project CodiMD | Latest version: https://demo.codimd.org/ | Repository: https://github.com/codimd/server | Follow us at: https://social.codimd.org/mastodon | 49 Servers |
| CodiMD | 216 Members |
| We run, support and develop the community project CodiMD | Latest version: https://demo.codimd.org/ | Repository: https://github.com/codimd/server | Follow us at: https://social.codimd.org/mastodon | 49 Servers |
| Timestamp | Message | |
|---|---|---|
| 24 Jan 2020 | ||
| 14:53:32 |  foobarable | * our id is not really mail, you can omit it as well to use the NaneID from the SAML assertion |
| 14:54:13 |  Giovanni Biscuolo | * mumble: do I have to switch on SAML auth before? |
| 14:58:09 | Giovanni Biscuolo | OK, I'm going to try, thanks a lot! The fact is that the the config.json of my docker image is created at build time via docker-compose (AFAIU), so in my current instance, lacking explicit config env, the resulting config.json completely lacks a "saml" section |
| 14:59:15 | Giovanni Biscuolo | all this just to say that IMHO point 1 and 2 on https://github.com/hackmdio/codimd/blob/master/docs/guides/auth/saml.md should be swapped |
| 14:59:21 | foobarable | that would explain it |
| 15:02:00 |  Sheogorath | Giovanni Biscuolo: Before we go too much into it, please make sure you use our repository, not the HackMD team's |
| 15:02:11 | Giovanni Biscuolo | last but not least: https://github.com/hackmdio/codimd/blob/master/docs/guides/auth/saml.md cites HMD_SAML_ISSUER and HMD_SAML_IDENTIFIERFORMAT but https://github.com/codimd/server/blob/master/docs/configuration-env-vars.md doc calls them differently (s/HMD/CMD) |
| 15:02:40 | Sheogorath | check that you got the soruces from https://github.com/codimd/server/ and not from https://github.com/hackmdio/codimd/ (which is the docs you link) |
| 15:03:13 | Giovanni Biscuolo | I'm, almost sure I'm using yours, but'll double ckeck: thanks! |
| 15:04:07 | Sheogorath | Giovanni Biscuolo: Nice :) Just want to make sure we can actually help you as we have no control over HackMD's version and they did lots of change |
| 15:04:50 | Giovanni Biscuolo | In reply to @sheogorath:shivering-isles.com* I'm, almost sure I'm using yours, but'll double ckeck: thanks! |
| 15:08:38 | Sheogorath | if you want to use a config.json, by the way, you can still mount it into the container. We don't do this by default, because we try to stay with the 12-Factor App standards and therefore use environment variables from configs |
| 15:09:27 | Sheogorath | But I definitely agree that the guide lacks some important parts D: |
| 15:13:34 | Giovanni Biscuolo | I'd also like to use env to config my instance, if I'll manage to fix my config I'd like to propose a patch to that guide :-) |
| 15:36:05 | Sheogorath | Awesome, let me know how that goes. I can give you some additional pointers: https://www.npmjs.com/package/passport-saml <-- the library we use for saml https://github.com/codimd/server/blob/master/lib/web/auth/saml/index.js <-- the implementation on our side https://github.com/codimd/server/blob/c9e66c0385afe55fcc140cc815d876982358f48e/lib/config/environment.js#L118-L131 <-- the mapping of environment variables to config variables |
| 15:36:25 | Sheogorath | Giovanni Biscuolo: ^ Hope that can help debugging |
| 16:00:18 | Giovanni Biscuolo | Sheogorath: thanks a lot for the pointers, very useful! |
| 16:03:15 | Giovanni Biscuolo | anyway, I added this two env variables: and verified that they are defined in the docker env... but still getting 404 (when logged in as registered user) or required auth when not logged in |
| 16:07:53 | Giovanni Biscuolo | I'm going to write an help post on the forum, if someone have a working docker instance using SAML via env variables please just say "it works for me" :-) |
| 17:19:30 | Sheogorath | Let me check, I think my private instance either runs SAML or ODIC |
| 17:19:51 | Sheogorath | mhm ODIC |
| 17:20:05 | Sheogorath | * Let me check, I think my private instance either runs SAML or ODIC |
| 17:26:11 | Sheogorath | Giovanni Biscuolo: Do you have the idpCert mapped into the container? this should be needed in order to make things work |
| 17:26:18 | Sheogorath | * Giovanni Biscuolo: Do you have the idpCert mapped into the container? this should be needed in order to make things work |
| 17:31:20 | Giovanni Biscuolo | Sheogorath: no I did not configured (and loaded cert) into the container, but do I need it "just" to access the auth/saml/metadata URL and get the SP (CodiMD) XML metadata? |
| 17:34:54 |  RSS Bot [@sheogorath:shivering-isles.com] | CodiMD Community - Latest topics: Problem configuring SAML auth |
| 17:35:26 | Sheogorath | Giovanni Biscuolo: Not completely sure, looking at the code for a second suggests it: https://github.com/codimd/server/blob/c9e66c0385afe55fcc140cc815d876982358f48e/lib/web/auth/saml/index.js#L15-L22 |
| 17:39:45 | Giovanni Biscuolo | Sheogorath: that is for |
| 17:40:39 | Giovanni Biscuolo | please how can I set debugging log level with env variables? |
| 17:41:41 | Giovanni Biscuolo | In reply to @gbiscuolo:matrix.orgah, nevermind: found CMD_LOGLEVEL |