35 lines
1.1 KiB
YAML
35 lines
1.1 KiB
YAML
jenkins:
|
|
systemMessage: "Jenkins configured with Cloudron OpenID Connect authentication"
|
|
securityRealm:
|
|
oic:
|
|
clientId: "${CLOUDRON_OAUTH_CLIENT_ID}"
|
|
clientSecret: "${CLOUDRON_OAUTH_CLIENT_SECRET}"
|
|
wellKnownOpenIDConfigurationUrl: "${CLOUDRON_OAUTH_ORIGIN}/.well-known/openid-configuration"
|
|
userNameField: "preferred_username"
|
|
tokenAuthMethod: "client_secret_basic"
|
|
scopes: "openid email profile groups"
|
|
fullNameFieldName: "name"
|
|
emailFieldName: "email"
|
|
groupsFieldName: "groups"
|
|
pkceEnabled: true
|
|
escapeHatchEnabled: true
|
|
escapeHatchUsername: "admin"
|
|
escapeHatchSecret: "adminpass"
|
|
escapeHatchGroup: "admin"
|
|
|
|
authorizationStrategy:
|
|
globalMatrix:
|
|
permissions:
|
|
- "Overall/Administer:admin"
|
|
- "Overall/Read:authenticated"
|
|
- "Job/Read:authenticated"
|
|
- "Job/Build:authenticated"
|
|
- "Job/Create:authenticated"
|
|
- "Job/Configure:authenticated"
|
|
- "View/Read:authenticated"
|
|
- "View/Create:authenticated"
|
|
- "View/Configure:authenticated"
|
|
|
|
unclassified:
|
|
location:
|
|
url: "${JENKINS_URL}" |