From 383b6a38bae95927f2be358b2c9b8b661afab613 Mon Sep 17 00:00:00 2001
From: Tealk <12276250+Tealk@users.noreply.github.com>
Date: Wed, 22 Feb 2023 17:23:38 +0100
Subject: [PATCH] website/integrations: Mastodon integration (#4733)

* init mastodon integration

Signed-off-by: Tealk <tealk@rollenspiel.monster>

* replace inventory placeholder

Signed-off-by: Tealk <tealk@rollenspiel.monster>

* Replace placeholder

Signed-off-by: Tealk <tealk@rollenspiel.monster>

* replace username with sub

Signed-off-by: Tealk <tealk@rollenspiel.monster>

* text improvement

Signed-off-by: Tealk <tealk@rollenspiel.monster>

---------

Signed-off-by: Tealk <tealk@rollenspiel.monster>
---
 .../integrations/services/mastodon/index.md   | 61 +++++++++++++++++++
 website/sidebarsIntegrations.js               |  1 +
 2 files changed, 62 insertions(+)
 create mode 100644 website/integrations/services/mastodon/index.md

diff --git a/website/integrations/services/mastodon/index.md b/website/integrations/services/mastodon/index.md
new file mode 100644
index 000000000..6d74cae9f
--- /dev/null
+++ b/website/integrations/services/mastodon/index.md
@@ -0,0 +1,61 @@
+---
+title: Mastodon
+---
+
+<span class="badge badge--secondary">Support level: Community</span>
+
+## What is Mastodon
+
+From https://joinmastodon.org/
+:::note
+Mastodon is free and open-source software for running self-hosted social networking services. It has microblogging features similar to Twitter
+:::
+
+## Preparation
+
+The following placeholders will be used:
+
+-   `mastodon.company` is the FQDN of the mastodon install.
+-   `authentik.company` is the FQDN of the authentik install.
+
+## authentik Configuration
+
+### Step 1 - OAuth2/OpenID Provider
+
+Create a OAuth2/OpenID Provider (under _Applications/Providers_) with these settings:
+
+-   Name : mastodon
+-   Redirect URI: `https://mastodon.company/auth/auth/openid_connect/callback`
+
+### Step 3 - Application
+
+Create an application (under _Resources/Applications_) with these settings:
+
+-   Name: Mastodon
+-   Slug: mastodon
+-   Provider: mastodon
+
+## Mastodon Setup
+
+Configure Mastodon `OIDC_` settings by editing the `.env.production` and add the following:
+
+```
+OIDC_ENABLED=true
+OIDC_DISPLAY_NAME=authentik
+OIDC_DISCOVERY=true
+OIDC_ISSUER=< OpenID Configuration Issuer>
+OIDC_AUTH_ENDPOINT=https://authentik.company/application/o/authorize/
+OIDC_SCOPE=openid,profile,email
+OIDC_UID_FIELD=sub
+OIDC_CLIENT_ID=<Client ID>
+OIDC_CLIENT_SECRET=<Client Secret>
+OIDC_REDIRECT_URI=https://mastodon.company/auth/auth/openid_connect/callback
+OIDC_SECURITY_ASSUME_EMAIL_IS_VERIFIED=true
+```
+
+Restart mastodon-web.service
+
+## Additional Resources
+
+-   https://github.com/mastodon/mastodon/pull/16221
+-   https://forum.fedimins.net/t/sso-fuer-verschiedene-dienste/42
diff --git a/website/sidebarsIntegrations.js b/website/sidebarsIntegrations.js
index d89f926a0..ed3c03d8a 100644
--- a/website/sidebarsIntegrations.js
+++ b/website/sidebarsIntegrations.js
@@ -15,6 +15,7 @@ module.exports = {
                         "services/bookstack/index",
                         "services/hedgedoc/index",
                         "services/kimai/index",
+                        "services/mastodon/index",
                         "services/matrix-synapse/index",
                         "services/mobilizon/index",
                         "services/nextcloud/index",