Configure OpenID via environment

I currently struggle configuring OpenID by using environment variables.

Here’s what I tried:

VIKUNJA_AUTH_OPENID_PROVIDERS: KEYCLOAK
VIKUNJA_AUTH_OPENID_PROVIDERS_KEYCLOAK_NAME: KeyCloak
VIKUNJA_AUTH_OPENID_PROVIDERS_KEYCLOAK_AUTHURL: ...
VIKUNJA_AUTH_OPENID_PROVIDERS_KEYCLOAK_CLIENTID: vikunja
VIKUNJA_AUTH_OPENID_PROVIDERS_KEYCLOAK_CLIENTSECRET: ...

This however causes the backend to panic with
interface conversion: interface {} is string, not []interface {}

Can someone show me how this should be properly configured?

1 Like

Configuring openid via env variables is currently not supported. You’ll need to use a config file for that. It is possible to use both env and config files at the same time, that way you could put only the openid config in the config file and use env variables for the rest.

Thanks for the reply. Any plans on implementing this? It would be handy to have for docker-compose deployments.

I think this would make sense, but would be a breaking change. As such, I don’t plan to implement it in the near future but added it to the backlog.

Just one follow-up question: is it possible to expand environment variables in the config file? The point is that I don’t want to put the openid clientsecret into the config file (I’m using a docker-compose setup with all files but .env in git).

Like this:

auth:
  local:
    enabled: false
  openid:
    enabled: true
    providers:
      - name: "KeyCloak"
        authurl: "https://auth..."
        clientid: "vikunja"
        clientsecret: $OPENID_SECRET

and then passing OPENID_SECRET via environment?

Right now that won’t work.

I am hitting the exact same issue :confused: wouldn’t it be possible to simply add an extra environment variable for the meantime?

Either way, the documentation should reflect the current state, it says:

You can […] set all config option with environment variables.

It should at least be mentioned at Config options | Vikunja

I’ve added a notice to the doc you mentioned.