texousliu/keyfil
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
keyfil/教程/20250107-Yearning安装及SSO接入指南.md
liuxiaohua 414a3549cd
Some checks failed
Publish to Confluence / confluence (push) Failing after 38s
Details
[2025-01-07] 添加 Linkwarden、集简云对接、Yearning部署指南
2025-01-07 14:40:29 +08:00

3.4 KiB
Raw Blame History

Yearning 安装及 SSO 接入指南

Yearning 安装启动

Docker Compose

docker-compose.yml 文件

version: '3'

services:
  yearning:
    image: yeelabs/yearning:v3.1.5
    environment:
      MYSQL_USER: yearning
      MYSQL_PASSWORD: ukC2ZkcG_ZTeb
      MYSQL_ADDR: mysql
      MYSQL_DB: yearning
      SECRET_KEY: dbcjqheupqjsuwsm
      IS_DOCKER: is_docker
    ports:
      - 8000:8000
    volumes:
      - ./opt/conf.toml:/opt/conf.toml
    #- 首次使用请先初始化
    #- command: /bin/bash -c "./Yearning install && ./Yearning run"
    depends_on:
      - mysql
    restart: always

  mysql:
    image: mysql:5.7
    environment:
      MYSQL_ROOT_PASSWORD: ukC2ZkcG_ZTeb
      MYSQL_DATABASE: yearning
      MYSQL_USER: yearning
      MYSQL_PASSWORD: ukC2ZkcG_ZTeb
    command:
      - --character-set-server=utf8mb4
      - --collation-server=utf8mb4_general_ci
    volumes:
      - ./data/mysql:/var/lib/mysql

#- 默认账号admin默认密码Yearning_admin

conf.toml 文件

[Mysql]
Db = "Yearning"
Host = "127.0.0.1"
Port = "3306"
Password = ""
User = "root"

[General]
SecretKey = "dbcjqheupqjsuwsm"
Hours = 4
Lang = "zh_CN"

[Oidc]
Enable = false
ClientId = "${keycloak的客户端ID}"
ClientSecret = "${keycloak的客户端Secret}"
Scope = "openid profile"
AuthUrl = "${issuer链接}/protocol/openid-connect/auth"
TokenUrl = "${issuer链接}/protocol/openid-connect/token"
UserUrl = "${issuer链接}/protocol/openid-connect/userinfo"
RedirectUrL = "${yearning的地址}/oidc/_token-login"
UserNameKey = "preferred_username"
RealNameKey = "name"
EmailKey = "email"
SessionKey = "session_state"

Yearning OIDC 配置

修改 conf.tomlKeycloak示例

[Oidc]
Enable = true
ClientId = "${keycloak的客户端ID}"
ClientSecret = "${keycloak的客户端Secret}"
Scope = "openid profile"
AuthUrl = "${issuer链接}/protocol/openid-connect/auth"
TokenUrl = "${issuer链接}/protocol/openid-connect/token"
UserUrl = "${issuer链接}/protocol/openid-connect/userinfo"
RedirectUrL = "${yearning的地址}/oidc/_token-login"
UserNameKey = "preferred_username"
RealNameKey = "name"
EmailKey = "email"
SessionKey = "session_state"
  • ${keycloak的客户端ID}:例如 yearning
  • ${keycloak的客户端Secret}: Keycloak中获取
  • ${issuer链接}: Keycloak 中获取
  • ${yearning的地址}yearning 请求地址

异常处理

  • 如果出现异常,可以排查 Yearning 服务和 Keycloak 服务是否可以访问通畅。
  • 或者说 Yearning SSO 配置中的链接在 Yearning 所在服务中是否可以正常访问

参考