local-it/mitgliederverwaltung
2
3
Fork 0
Code Issues 67 Pull requests 6 Projects 3 Releases Packages 1 Activity Actions

Init an admin user in prod closes #381 #409

Merged
moritz merged 14 commits from feature/381_init_admin into main 2026-02-04 20:53:02 +01:00
Conversation 0 Commits 14 Files changed 19 +5 -5
1 changed files with 5 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files
Showing only changes of commit d37fc03a37 - Show all commits

10
config/runtime.exs
View file

@ -89,6 +89,11 @@ if System.get_env("PHX_SERVER") do
config :mv, MvWeb.Endpoint, server: true config :mv, MvWeb.Endpoint, server: true
end end
# OIDC group → Admin role sync: read from ENV in all environments (dev/test/prod)
config :mv, :oidc_role_sync,
admin_group_name: System.get_env("OIDC_ADMIN_GROUP_NAME"),
groups_claim: System.get_env("OIDC_GROUPS_CLAIM") || "groups"
if config_env() == :prod do if config_env() == :prod do
database_url = build_database_url.() database_url = build_database_url.()
@ -153,11 +158,6 @@ if config_env() == :prod do
client_secret: client_secret, client_secret: client_secret,
redirect_uri: System.get_env("OIDC_REDIRECT_URI") || default_redirect_uri redirect_uri: System.get_env("OIDC_REDIRECT_URI") || default_redirect_uri
# OIDC group → Admin role sync (optional). Groups claim default "groups".
config :mv, :oidc_role_sync,
admin_group_name: System.get_env("OIDC_ADMIN_GROUP_NAME"),
groups_claim: System.get_env("OIDC_GROUPS_CLAIM") || "groups"
# Token signing secret from environment variable # Token signing secret from environment variable
# This overrides the placeholder value set in prod.exs # This overrides the placeholder value set in prod.exs
# Supports TOKEN_SIGNING_SECRET or TOKEN_SIGNING_SECRET_FILE for Docker secrets. # Supports TOKEN_SIGNING_SECRET or TOKEN_SIGNING_SECRET_FILE for Docker secrets.