From 6daf6e7810a0e98681e3b2ccb812055702d845ab Mon Sep 17 00:00:00 2001 From: liuxiaohua Date: Tue, 7 Jan 2025 14:53:25 +0800 Subject: [PATCH] =?UTF-8?q?=E2=9C=A8=20[2025-01-07]=20=E6=B7=BB=E5=8A=A0?= =?UTF-8?q?=20Linkwarden=E3=80=81=E9=9B=86=E7=AE=80=E4=BA=91=E5=AF=B9?= =?UTF-8?q?=E6=8E=A5=E3=80=81Yearning=E9=83=A8=E7=BD=B2=E6=8C=87=E5=8D=97?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- 教程/20250107-Yearning安装及SSO接入指南.md | 65 ++++++++++++++++++++++ 1 file changed, 65 insertions(+) diff --git a/教程/20250107-Yearning安装及SSO接入指南.md b/教程/20250107-Yearning安装及SSO接入指南.md index abd57af..75f4243 100644 --- a/教程/20250107-Yearning安装及SSO接入指南.md +++ b/教程/20250107-Yearning安装及SSO接入指南.md @@ -26,6 +26,71 @@ - 可以参考:https://next.yearning.io/zh/usage/ixah25xr/ +### Docker Compose + +#### `conf.toml` 文件 + +- 禁用的节点复制后需要解禁 + +```toml +#- [Mysql] +Db = "Yearning" +Host = "127.0.0.1" +Port = "3306" +Password = "" +User = "root" + +#- [General] +SecretKey = "dbcjqheupqjsuwsm" +Hours = 4 +Lang = "zh_CN" + +#- [Oidc] +Enable = false +ClientId = "${keycloak的客户端ID}" +ClientSecret = "${keycloak的客户端Secret}" +Scope = "openid profile" +AuthUrl = "${issuer链接}/protocol/openid-connect/auth" +TokenUrl = "${issuer链接}/protocol/openid-connect/token" +UserUrl = "${issuer链接}/protocol/openid-connect/userinfo" +RedirectUrL = "${yearning的地址}/oidc/_token-login" +UserNameKey = "preferred_username" +RealNameKey = "name" +EmailKey = "email" +SessionKey = "session_state" +``` + +### Yearning OIDC 配置 + +- 可以参考:https://next.yearning.io/zh/usage/boccobus/ + +#### 修改 `conf.toml`(Keycloak示例) + +```toml +#- [Oidc] +Enable = true +ClientId = "${keycloak的客户端ID}" +ClientSecret = "${keycloak的客户端Secret}" +Scope = "openid profile" +AuthUrl = "${issuer链接}/protocol/openid-connect/auth" +TokenUrl = "${issuer链接}/protocol/openid-connect/token" +UserUrl = "${issuer链接}/protocol/openid-connect/userinfo" +RedirectUrL = "${yearning的地址}/oidc/_token-login" +UserNameKey = "preferred_username" +RealNameKey = "name" +EmailKey = "email" +SessionKey = "session_state" +``` + +- ${keycloak的客户端ID}:例如 `yearning` +- ${keycloak的客户端Secret}: Keycloak中获取 +- ${issuer链接}: Keycloak 中获取 +- ${yearning的地址}:yearning 请求地址 + +### 异常处理 + +- 如果出现异常,可以排查 `Yearning` 服务和 `Keycloak` 服务是否可以访问通畅。 +- 或者说 `Yearning` SSO 配置中的链接在 `Yearning` 所在服务中是否可以正常访问 ## 本地构建启动(参考)