website/integrations: Mastodon integration (#4733)

* init mastodon integration

Signed-off-by: Tealk <tealk@rollenspiel.monster>

* replace inventory placeholder

Signed-off-by: Tealk <tealk@rollenspiel.monster>

* Replace placeholder

Signed-off-by: Tealk <tealk@rollenspiel.monster>

* replace username with sub

Signed-off-by: Tealk <tealk@rollenspiel.monster>

* text improvement

Signed-off-by: Tealk <tealk@rollenspiel.monster>

---------

Signed-off-by: Tealk <tealk@rollenspiel.monster>
This commit is contained in:
Tealk 2023-02-22 17:23:38 +01:00 committed by GitHub
parent 7d9eef37ed
commit 383b6a38ba
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 62 additions and 0 deletions

View file

@ -0,0 +1,61 @@
---
title: Mastodon
---
<span class="badge badge--secondary">Support level: Community</span>
## What is Mastodon
From https://joinmastodon.org/
:::note
Mastodon is free and open-source software for running self-hosted social networking services. It has microblogging features similar to Twitter
:::
## Preparation
The following placeholders will be used:
- `mastodon.company` is the FQDN of the mastodon install.
- `authentik.company` is the FQDN of the authentik install.
## authentik Configuration
### Step 1 - OAuth2/OpenID Provider
Create a OAuth2/OpenID Provider (under _Applications/Providers_) with these settings:
- Name : mastodon
- Redirect URI: `https://mastodon.company/auth/auth/openid_connect/callback`
### Step 3 - Application
Create an application (under _Resources/Applications_) with these settings:
- Name: Mastodon
- Slug: mastodon
- Provider: mastodon
## Mastodon Setup
Configure Mastodon `OIDC_` settings by editing the `.env.production` and add the following:
```
OIDC_ENABLED=true
OIDC_DISPLAY_NAME=authentik
OIDC_DISCOVERY=true
OIDC_ISSUER=< OpenID Configuration Issuer>
OIDC_AUTH_ENDPOINT=https://authentik.company/application/o/authorize/
OIDC_SCOPE=openid,profile,email
OIDC_UID_FIELD=sub
OIDC_CLIENT_ID=<Client ID>
OIDC_CLIENT_SECRET=<Client Secret>
OIDC_REDIRECT_URI=https://mastodon.company/auth/auth/openid_connect/callback
OIDC_SECURITY_ASSUME_EMAIL_IS_VERIFIED=true
```
Restart mastodon-web.service
## Additional Resources
- https://github.com/mastodon/mastodon/pull/16221
- https://forum.fedimins.net/t/sso-fuer-verschiedene-dienste/42

View file

@ -15,6 +15,7 @@ module.exports = {
"services/bookstack/index",
"services/hedgedoc/index",
"services/kimai/index",
"services/mastodon/index",
"services/matrix-synapse/index",
"services/mobilizon/index",
"services/nextcloud/index",