sheppy/opendesk
1
0
Fork 0
mirror of https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk.git synced 2025-12-06 15:31:38 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix(openxchange): Add proper dav URLs in client onboarding and disable unnecessary oauth section

Browse Source
This commit is contained in:
Thomas Kaltenbrunner
2025-05-13 19:24:43 +02:00
parent 1d2b17b495
commit bba2af0f06
2 changed files with 8 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
docs/getting-started.md
View File

@@ -70,6 +70,10 @@ For your convenience, we recommend creating a `*.domain.tld` A-Record for your c
| domain.tld | TXT | `v=spf1 +a +mx +a:mail.domain.tld ~all` | Optional, use proper MTA record if present |
| _dmarc.domain.tld | TXT | `v=DMARC1; p=quarantine` | Optional |
| default._domainkey.domain.tld | TXT | `v=DKIM1; k=rsa; h=sha256; ...` | Optional, DKIM settings |
| _caldavs._tcp.domain.tld | SRV | 10 1 443 dav.domain.tld. | Optional, CalDav auto discovery |
| _caldav._tcp.domain.tld | SRV | 10 1 80 dav.domain.tld. | Optional, CalDav auto discovery |
| _carddavs._tcp.domain.tld | SRV | 10 1 443 dav.domain.tld. | Optional, CardDav auto discovery |
| _carddav._tcp.domain.tld | SRV | 10 1 80 dav.domain.tld. | Optional, CardDav auto discovery |
## Domain

18
helmfile/apps/open-xchange/values-openxchange.yaml.gotmpl
View File

@@ -323,18 +323,6 @@ appsuite:
com.openexchange.oidc.userLookupNamePart: "full"
com.openexchange.oidc.enablePasswordGrant: "true"
com.openexchange.oidc.passwordGrantUserNamePart: "local-part"
# OAUTH
com.openexchange.oauth.provider.enabled: "true"
com.openexchange.oauth.provider.allowedIssuer: "https://{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}/realms/{{ .Values.platform.realm }}"
com.openexchange.oauth.provider.contextLookupClaim: "context"
com.openexchange.oauth.provider.contextLookupNamePart: "full"
com.openexchange.oauth.provider.jwt.jwksUri: "https://{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}/realms/{{ .Values.platform.realm }}/protocol/openid-connect/certs"
com.openexchange.oauth.provider.mode: "expect_jwt"
com.openexchange.oauth.provider.userLookupNamePart: "full"
com.openexchange.oauth.provider.userLookupClaim: "opendesk_username"
com.openexchange.authentication.oauth.clientId: "opendesk-oxappsuite"
com.openexchange.authentication.oauth.tokenEndpoint: "https://{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}/realms/{{ .Values.platform.realm }}/protocol/openid-connect/token"
com.openexchange.authentication.oauth.clientSecret: {{ .Values.secrets.keycloak.clientSecret.as8oidc | quote }}
# MAIL
com.openexchange.mail.authType: "xoauth2"
com.openexchange.mail.loginSource: "mail"
@@ -399,12 +387,14 @@ appsuite:
# await http.POST({ module: 'oxguard/smime', params: { action: 'test' } })
com.openexchange.smime.test: "true"
# DAV
#com.openexchange.dav.prefixPath: "/"
#com.openexchange.dav.proxyPrefixPath: "/"
{{- if .Values.functional.groupware.davSupport.enabled }}
com.openexchange.caldav.enabled: "true"
com.openexchange.caldav.url: {{ printf "https://%s.%s/caldav/[folderId]" .Values.global.hosts.openxchangeDav .Values.global.domain }}
com.openexchange.carddav.enabled: "true"
com.openexchange.carddav.url: {{ printf "https://%s.%s/carddav/[folderId]" .Values.global.hosts.openxchangeDav .Values.global.domain }}
com.openexchange.client.onboarding.caldav.url: {{ printf "https://%s.%s/" .Values.global.hosts.openxchangeDav .Values.global.domain }}
com.openexchange.client.onboarding.carddav.url: {{ printf "https://%s.%s/" .Values.global.hosts.openxchangeDav .Values.global.domain }}
{{- end }}
# Other
com.openexchange.secret.secretSource: "\"<user-id> + '@' + <context-id> + '/' + <random>\""
{{- if .Values.certificate.selfSigned }}