From 938be46fafe1ef125a941693687a5c6822dbfe52 Mon Sep 17 00:00:00 2001 From: Georg Pfuetzenreuter Date: Sun, 30 Apr 2023 18:20:54 +0200 Subject: [PATCH 1/3] Quote BookStack values Some strings contain spaces or special characters and should be quoted. Signed-off-by: Georg Pfuetzenreuter --- salt/profile/bookstack/init.sls | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/salt/profile/bookstack/init.sls b/salt/profile/bookstack/init.sls index 3dc5a36..a9ef891 100644 --- a/salt/profile/bookstack/init.sls +++ b/salt/profile/bookstack/init.sls @@ -27,7 +27,7 @@ bookstack_permissions: {%- if mypillar[option] is string and mypillar[option].startswith('$') or mypillar[option] is number %} {%- set value = mypillar[option] %} {%- else %} - {%- set value = mypillar[option] | quote %} + {%- set value = "'" ~ mypillar[option] ~ "'" | quote %} {%- endif %} {{ option | upper }}: {{ value }} {%- endif -%} -- 2.35.3 From d8359f002d3cbecfc4bb3fb6c3744aad71766759 Mon Sep 17 00:00:00 2001 From: Georg Pfuetzenreuter Date: Sun, 30 Apr 2023 18:22:58 +0200 Subject: [PATCH 2/3] Correct SAML realm capitalization The Keycloak realm is named "LibertaCasa", not "libertacasa". Signed-off-by: Georg Pfuetzenreuter --- pillar/id/themis_lysergic_dev.sls | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pillar/id/themis_lysergic_dev.sls b/pillar/id/themis_lysergic_dev.sls index 52186a6..503ec80 100644 --- a/pillar/id/themis_lysergic_dev.sls +++ b/pillar/id/themis_lysergic_dev.sls @@ -88,9 +88,9 @@ profile: saml2_email_attribute: email saml2_external_id_attribute: uid saml2_display_name_attributes: fullname - saml2_idp_entityid: https://libsso.net/realms/libertacasa - saml2_idp_sso: https://libsso.net/realms/libertacasa/protocol/saml - saml2_idp_slo: https://libsso.net/realms/libertacasa/protocol/saml + saml2_idp_entityid: https://libsso.net/realms/LibertaCasa + saml2_idp_sso: https://libsso.net/realms/LibertaCasa/protocol/saml + saml2_idp_slo: https://libsso.net/realms/LibertaCasa/protocol/saml saml2_idp_x509: ${'secret_bookstack:saml2_idp_x509'} saml2_autoload_metadata: false saml2_sp_x509: ${'secret_bookstack:saml2_sp_x509'} -- 2.35.3 From ef0a931157da5823c4eb54da41c9d60f4d582eab Mon Sep 17 00:00:00 2001 From: Georg Pfuetzenreuter Date: Sun, 30 Apr 2023 18:27:35 +0200 Subject: [PATCH 3/3] Correct BookStack group Environment file needs to be readable by the www, not the wwwrun, group for PHP-FPM to be able to access it. Signed-off-by: Georg Pfuetzenreuter --- salt/profile/bookstack/init.sls | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/salt/profile/bookstack/init.sls b/salt/profile/bookstack/init.sls index a9ef891..05f07b6 100644 --- a/salt/profile/bookstack/init.sls +++ b/salt/profile/bookstack/init.sls @@ -10,7 +10,7 @@ bookstack_permissions: file.managed: - mode: '0640' - user: root - - group: wwwrun + - group: www - names: - {{ configfile }} -- 2.35.3