immich icon indicating copy to clipboard operation
immich copied to clipboard
verified publisher icon immich-app

Document OAuth config env variables for docker

Open osresearch opened this issue 2 years ago • 5 comments

This patch adds documentation to Administration - OAuth for setting the docker-compose environment to include the OIDC provider information and also adds a sample configuration to the example.env file.

osresearch avatar Jul 11 '23 13:07 osresearch

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
immich ✅ Ready (Inspect) Visit Preview 💬 Add feedback Jul 11, 2023 1:45pm

vercel[bot] avatar Jul 11 '23 13:07 vercel[bot]

I don't think the env vars for oauth config are supported anymore?

bo0tzz avatar Jul 11 '23 13:07 bo0tzz

Why were they removed? .env vars are necessary for automated deployments and requiring a manual step via the website to set it up is problematic compared to being able to include them in the runtime configuration.

osresearch avatar Jul 11 '23 13:07 osresearch

Why were they removed? .env vars are necessary for automated deployments and requiring a manual step via the website to set it up is problematic compared to being able to include them in the runtime configuration.

I don't disagree, but the trade-off to keep them was increased maintenance work. It is very uncommon to need to regularly run automated deployments of immich and preconfigure OAuth, so we went with a simpler approach of only configuring these values through the UI.

jrasm91 avatar Jul 11 '23 14:07 jrasm91

I'm hoping to integrate immich into the https://v.st/ self-hosted system, which uses single-sign-on for all of the included tools (mastodon, matrix, hedgedoc, nextcloud, etc). Being able to help folks setup a community with all of the tools pre-configured to work together using a single docker-compose command is much easier for groups that don't want to have to separately go through each tool to figure out how its SSO or OIDC vars are configured.

osresearch avatar Jul 11 '23 14:07 osresearch

In the short term, I don't think we are going to add support for auto configuring OAuth or any other settings via environment variables. While not ideal, I'm sure you can accomplish the same thing via a script. Either using the CLI to updates the values, inserting them directly into the database, or injecting a migration file into the container via a volume mount or extending the image.

jrasm91 avatar Jul 14 '23 02:07 jrasm91