383b6a38ba
* init mastodon integration Signed-off-by: Tealk <tealk@rollenspiel.monster> * replace inventory placeholder Signed-off-by: Tealk <tealk@rollenspiel.monster> * Replace placeholder Signed-off-by: Tealk <tealk@rollenspiel.monster> * replace username with sub Signed-off-by: Tealk <tealk@rollenspiel.monster> * text improvement Signed-off-by: Tealk <tealk@rollenspiel.monster> --------- Signed-off-by: Tealk <tealk@rollenspiel.monster>
1.6 KiB
1.6 KiB
title |
---|
Mastodon |
Support level: Community
What is Mastodon
From https://joinmastodon.org/ :::note Mastodon is free and open-source software for running self-hosted social networking services. It has microblogging features similar to Twitter :::
Preparation
The following placeholders will be used:
mastodon.company
is the FQDN of the mastodon install.authentik.company
is the FQDN of the authentik install.
authentik Configuration
Step 1 - OAuth2/OpenID Provider
Create a OAuth2/OpenID Provider (under Applications/Providers) with these settings:
- Name : mastodon
- Redirect URI:
https://mastodon.company/auth/auth/openid_connect/callback
Step 3 - Application
Create an application (under Resources/Applications) with these settings:
- Name: Mastodon
- Slug: mastodon
- Provider: mastodon
Mastodon Setup
Configure Mastodon OIDC_
settings by editing the .env.production
and add the following:
OIDC_ENABLED=true
OIDC_DISPLAY_NAME=authentik
OIDC_DISCOVERY=true
OIDC_ISSUER=< OpenID Configuration Issuer>
OIDC_AUTH_ENDPOINT=https://authentik.company/application/o/authorize/
OIDC_SCOPE=openid,profile,email
OIDC_UID_FIELD=sub
OIDC_CLIENT_ID=<Client ID>
OIDC_CLIENT_SECRET=<Client Secret>
OIDC_REDIRECT_URI=https://mastodon.company/auth/auth/openid_connect/callback
OIDC_SECURITY_ASSUME_EMAIL_IS_VERIFIED=true
Restart mastodon-web.service