New OIDC migrate
-
@eyecreate For existing apps, we have to investigate one by one how the user management can be switched from LDAP to OIDC. We want to make this as non-disruptive as possible
We are starting out with Wekan and Rocket.Chat. Apps like Immich (and shortly Penpot) which never had LDAP will use OIDC from the get go.
-
Err don't mind me. This was posted under Immich. Are you then asking how to move an existing Immich installation to use OIDC ?
-
@eyecreate Currently, you have to backup and re-import into a new installation . But we are looking into other options/possibilities.
-
I just performed a manual migration of one of my instances. This is a bit technical but should work.
Pre-conditions are:- the immich app instance is on the latest package version 1.55.1
- local account (most likely the first and thus admin account) has the same email as the one you want to login with OIDC (this is how immich does the user mapping)
- have the app instance id on Cloudron available. That can be seen in the update section of the app configure view in your Cloudron dashboard and looks something like
2c016381-840c-4707-945e-189896fbb3f9
Once those are met, proceed with:
- Create app backup
- SSH into the server
- Run
mysql -uroot -ppassword box -e "update apps set sso=1 where id='INSERT-APP-ID-HERE'"
- root and password are literal like this, only insert the app id and hit enter - Go to the app's configure view in your Cloudron dashboard and in the location tab simply submit the form without changing anything (this is just a way to make the platform rebuild the container)
Once the app is up, you can relogin with OIDC and the user mapping should work.
-
-