Outline - a Notion-like open source app
-
@matbrgz said in Outline - a Notion-like open source app:
@girish sorry to bother you again about this, could you please take a look here? This app is vital to my company.
And not just you either, it's the second most upvoted app request on the wishlist after Wireguard VPN. Be great to have it on Cloudron!
-
Yup, @vladimir-d is looking into this next week.
-
So after investigation, the situation is this:
- Outline does not support any local authentication i.e it has no local user database.
- The developers have indicated that there is possibly LDAP in the enterprise version of the product. I haven't tried that, so I don't know if it's there.
- Authentication can be done via Google/GitHub (?) and other external services.
- OpenID is supported
Current package is using dex to bridge OpenID connect and Cloudron LDAP. This can be difficult to migrate in the long run (and is also two really apps in one).
So, we can't provide Outline immediately. We are going to first add OpenID connect as an addon. We used to have OAuth before as addon that did not work out well. We will try this for 7.4.
-
@girish It has never been easy to run. I had it running once years ago using Google or Slack, all hand-rolled and installed, and had to use this super niche code tweak that anyone who ever found it once could never find it again.
Just now I went over to the site to try to login with Slack... failed. I know this is a cool app, but I don't think it is going to be worth the hassle getting it to work. Focus on something else! -
@girish said in Outline - a Notion-like open source app:
add OpenID connect as an addon
Having OpenID Connect as an addon sounds great to me.
-
@scooke yeah, the upstream author has indicated that they won't accept changes not related to their SaaS. But maybe this has changed because they offer selfhosted plans. In any case, having OIDC in Cloudron won't hurt.
Also, I think I remember seeing the one line patch you mentioned...
-
-
@matbrgz I think we are almost there. With 7.4, we introduce OIDC. In theory, outline supports OIDC but we have to check.
OIDC support in
OutlookOutline itself - the situation is quite unclear to me, since it's not documented anywhere clearly. Do you know anything about this? -
@doodlemania2 w00t, sorry. I meant outline
-
@girish I’ve used their env sample as a reference for configuring it with Dex in my package: https://github.com/outline/outline/blob/main/.env.sample
-
@chetbaker now that we have OIDC, we will be looking into outline again. But this will take a bit. But feel free to experiment on your own, just wanted to put this note.
-
-
@girish said in Outline - a Notion-like open source app:
@chetbaker now that we have OIDC, we will be looking into outline again. But this will take a bit. But feel free to experiment on your own, just wanted to put this note.
Did you ever get around to look at Outline again @girish - be great to have it on Cloudron!
-
@girish said in Outline - a Notion-like open source app:
@matbrgz I think we are almost there. With 7.4, we introduce OIDC. In theory, outline supports OIDC but we have to check.
OIDC support in
OutlookOutline itself - the situation is quite unclear to me, since it's not documented anywhere clearly. Do you know anything about this?I was able to get OIDC working without any problems with an instance outside of cloudron using their documentation in the env.example:
# To configure generic OIDC auth, you'll need some kind of identity provider. # See documentation for whichever IdP you use to acquire the following info: # Redirect URI is https://<URL>/auth/oidc.callback OIDC_CLIENT_ID= OIDC_CLIENT_SECRET= OIDC_AUTH_URI= OIDC_TOKEN_URI= OIDC_USERINFO_URI= # Specify which claims to derive user information from # Supports any valid JSON path with the JWT payload OIDC_USERNAME_CLAIM=preferred_username # Display name for OIDC authentication OIDC_DISPLAY_NAME=OpenID Connect # Space separated auth scopes. OIDC_SCOPES=openid profile email
What's not working for you?
-
@andreasdueren
mmm, so you set this up against Cloudron's OIDC server? Last we checked, leantime needed a key mode authentication to OIDC which we haven't implemented yet. But maybe this has since been fixed?edit: whoops, sorry, completely different apps