Difference between revisions of "Taiga"
(→SSO) |
(→Provider setup for taiga-contrib-openid-auth: Whoops - better use javascript comments...) |
||
| Line 95: | Line 95: | ||
}); | }); | ||
| − | + | // The rest of your routing. | |
</source> | </source> | ||
Revision as of 01:19, 19 April 2021
Contents
Install
The documentation is fairly good at describing what to do but here is a quick set guide.
First check you have git, docker and docker-compose installed at the versions it recommends.
git clone https://github.com/taigaio/taiga-docker
cd taia-docker
git checkout stableSet every instance of these with passwords in docker-compose.yml and docker-compose-inits.yml.
Important: do not include symbols in the passwords or else you may get some very strange errors.
POSTGRES_PASSWORD
TAIGA_SECRET_KEY
RABBITMQ_PASSEdit these values to match your setup:
TAIGA_SITES_SCHEME: http
TAIGA_SITES_DOMAIN: example.com
TAIGA_URL: "http://example.com"
TAIGA_WEBSOCKETS_URL: "ws://example.com"Then run:
./launch-taiga.sh # Or ./launch-all.sh if you want penpot too
# Wait a couple of minutes AFTER the command has FINISHED then run it again.
./launch-taiga.sh
# Check that the back service has finished booting (May take 5mins) :
docker logs taiga-docker_taiga-back_1You should have observed the following on the last command:
Applied <THINGS>
Give permission to taiga:taiga
Listening at: http://0.0.0.0:8000 (1)
<Booted 3 service workers>Once you see the service workers are booted you can create the super user:
./taiga-manage.sh createsuperuser
Make sure you set up the reverse proxy exactly as the documentation says just don't forget to add a listen line:
listen 80;Updating Configuration
If you need to change the Taiga configuration just run the launch-taiga.sh/launch-all.sh again.
If you need to change config details that involve the setup you may need to nuke the volumes:
docker-compose down -vhttps
Https can be a bit tricky to setup at first but just make sure to make all of these listed changes and it should work:
First ensure the webserver is listening for https or port 443 - do not change the proxy target!
Then in docker-compose.yml make the following edits:
- TAIGA_SITES_SCHEME: "https"
- TAIGA_URL: "https://example.com"
- TAIGA_WEBSOCKETS_URL: "wss://taiga.organicdesign.fund"
There is no need to change the port at the bottom of the file.
SSO
Currently the only SSO options for Taiga is Github, Gitlab and OpenID Connect using taiga-contrib-openid-auth.
Provider setup for taiga-contrib-openid-auth
The plugin by default does not send a scopes request so it is necessary to intercept the request and add the sopes that it needs, this can be done in express like so:
app.get("/auth", (req, res, next) => {
if (req.query.scope)
return next();
let params = "?scope=openid email profile"
for (const key of Object.keys(req.query))
params += `&${key}=${req.query[key]}`;
return res.redirect(`/auth${params}`);
});
// The rest of your routing.
