From 35fe838e8848f216ac45f838e88a33260033554f Mon Sep 17 00:00:00 2001 From: Bernd Storath Date: Tue, 26 May 2026 16:01:42 +0200 Subject: [PATCH] move docs to own page --- .../config/external-authentication.md | 50 +++++++++++++++++++ .../advanced/config/optional-config.md | 22 -------- 2 files changed, 50 insertions(+), 22 deletions(-) create mode 100644 docs/content/advanced/config/external-authentication.md diff --git a/docs/content/advanced/config/external-authentication.md b/docs/content/advanced/config/external-authentication.md new file mode 100644 index 00000000..2a4dee8b --- /dev/null +++ b/docs/content/advanced/config/external-authentication.md @@ -0,0 +1,50 @@ +--- +title: External Authentication +--- + +## OAuth + +### Providers + +To enable OAuth set the env var `OAUTH_PROVIDERS` to any of the following providers: + +| Provider | Value | +| ----------------- | -------- | +| [Google](#google) | `google` | +| [GitHub](#github) | `github` | + +You can enable multiple providers by separating them with a comma: + +e.g. `google,github` + +### Google + + + +| Env | Required | Example | Description | +| ----------------------------- | -------- | -------------------------------- | ----------------------------------------- | +| `OAUTH_GOOGLE_CLIENT_ID` | ✔️ | `123.apps.googleusercontent.com` | Google Client ID | +| `OAUTH_GOOGLE_CLIENT_SECRET` | ✔️ | `GOCSPX-xxx` | Google Client Secret | +| `OAUTH_GOOGLE_ALLOWED_DOMAIN` | ✖️ | `example.com` | Restrict login to a specific email domain | + +#### Setup + +1. Go to [Google Cloud Console](https://console.cloud.google.com/apis/credentials) +2. Create an OAuth 2.0 Client ID (Web application) +3. Add Authorized redirect URI: `https:///api/auth/google/callback` +4. Copy the Client ID and Client Secret to the environment variables + +### GitHub + +| Env | Required | Example | Description | +| ---------------------------- | -------- | ------- | -------------------- | +| `OAUTH_GITHUB_CLIENT_ID` | ✔️ | `xxx` | GitHub Client ID | +| `OAUTH_GITHUB_CLIENT_SECRET` | ✔️ | `xxx` | GitHub Client Secret | + +### Generic OIDC + +TODO + +### Generic OAuth + +TODO diff --git a/docs/content/advanced/config/optional-config.md b/docs/content/advanced/config/optional-config.md index 1c6e7231..2f450b03 100644 --- a/docs/content/advanced/config/optional-config.md +++ b/docs/content/advanced/config/optional-config.md @@ -21,25 +21,3 @@ You will however still see a IPv6 address in the Web UI, but it won't be used. This option can be removed in the future, as more devices support IPv6. /// - -## Google OAuth - -You can enable Google OAuth login alongside classic username/password authentication. When enabled, a "Sign in with Google" button appears on the login page. - -| Env | Default | Example | Description | -| ----------------------------- | ------- | -------------------------------- | ----------------------------------------- | -| `OAUTH_GOOGLE_ENABLED` | `false` | `true` | Enable Google OAuth login | -| `OAUTH_GOOGLE_CLIENT_ID` | - | `123.apps.googleusercontent.com` | Google OAuth 2.0 Client ID | -| `OAUTH_GOOGLE_CLIENT_SECRET` | - | `GOCSPX-xxx` | Google OAuth 2.0 Client Secret | -| `OAUTH_GOOGLE_ALLOWED_DOMAIN` | - | `example.com` | Restrict login to a specific email domain | - -/// note | Google Cloud Console Setup - -1. Go to [Google Cloud Console](https://console.cloud.google.com/apis/credentials) -2. Create an OAuth 2.0 Client ID (Web application) -3. Add Authorized redirect URI: `https:///api/auth/google/callback` -4. Copy the Client ID and Client Secret to the environment variables - -If a user logs in with Google and their email matches an existing account, the accounts are automatically linked. - -///