--- title: App config guide --- ## Keycloak #### How do I setup a custom theme? Check [this approach](https://git.autonomic.zone/ruangrupa/login.lumbung.space). #### How do I create another admin user? - Under the `Master` realm > `Users` > `Add user` - Create the user and set a temporary password - Under the `Role Mappings` tab, move `admin` from `Available Roles` into `Assigned Roles` ## Nextcloud #### How do I customise the default home page when logging in? - Delete the dashboard app since it is so corporate - Follow [these docs](https://docs.nextcloud.com/server/latest/admin_manual/configuration_files/default_files_configuration.html) to set the default files list for each user in the Files app - Configure a `defaultapp` in your `config.php` or use [apporder](https://apps.nextcloud.com/apps/apporder) #### How do I integrate with Keycloak SSO? Use [this plugin](https://github.com/pulsejet/nextcloud-oidc-login). Unlike the plugin it's forked from, there is no configuration UI, so you'll need to edit `/var/www/html/config/config.php`: ``` 'oidc_login_client_id' => 'nextcloud', 'oidc_login_client_secret' => 'mysecret', 'oidc_login_provider_url' => 'https://example.com/auth/realms/myrealm', 'oidc_login_disable_registration' => false, 'oidc_login_hide_password_form' => true, 'oidc_login_button_text' => 'Log in with your myssodomain', 'oidc_login_default_group' => 'mygroup', 'oidc_login_attributes' => array ( 'id' => 'sub', 'name' => 'name', 'mail' => 'email', ), 'oidc_create_groups' => true, ``` You can use [this trick](https://janikvonrotz.ch/2020/10/20/openid-connect-with-nextcloud-and-keycloak/) (see "Cryptic Usernames" work-around) to get proper usernames. You might also need the following "Why is my synchronisation.." change if you see an error `'redirect_uri' is invalid`. #### Why is my synchronisation client freezing on the "grant access" step? Please see [this ticket](https://git.autonomic.zone/coop-cloud/nextcloud/issues/5). #### How can I customise the CSS? There is some basic stuff in the admin settings. To go a little deeper, you can use [this handy app](https://apps.nextcloud.com/apps/theming_customcss). Here is an example CSS config which hides the local login and makes space for a central image: ```css #body-login .wrapper main form[name="login"], #body-login .wrapper main form[name="login"] ~ a { display: none; } #body-login .logo { visibility: hidden; } #body-login #alternative-logins a.button[href*="oidc"] { background: #233b4a; color: #fff; transition: all 0.2s ease-in-out; } #body-login #alternative-logins a.button[href*="oidc"]:hover { background: linear-gradient(-35deg, #233b4a 40%, #486c83 100%); } #body-login #alternative-logins a.button[href*="/sociallogin/oauth/google"] { border: 0; color: #db4437 !important; background-color: #fff; } #body-login #alternative-logins a.button[href*="/sociallogin/oauth/google"]::before { width: 25px; background-color: #db4437; border-radius: 100%; background-size: 60%; background-position: center; height: 25px; vertical-align: middle; margin-right: 4px; } #body-login main { padding: 50vh 0 0 0; } #body-login a[href*="#body-login"] { visibility: hidden; } #body-login footer a, #body-login footer p { color: #233b4a; } #body-login footer a:hover { color: #fff; } #body-login footer p.info { text-shadow: none; } ``` ## Drone #### Generating deploy keys We normally do something like the following. ```bash ssh-keygen -t ed25519 -C drone@swarm.autonomic.zone ``` When you're loading them into Drone, make sure to use the right name of the organisation when using `drone orgsecret add`. #### How to change orgsecret values First, get your Drone CLI tool downloaded and the environment configured. ```bash export DRONE_SERVER=https://drone.example.com export DRONE_TOKEN=$(pass show your-pass-store-path) curl -L https://github.com/drone/drone-cli/releases/latest/download/drone_linux_amd64.tar.gz | tar zx ``` Then you can do things like: ``` ./drone orgsecret ls ./drone orgsecret add someorg my_deploy_key @my_private_key_file ``` #### How to enable build failure notifications Add this to your `.drone.yml` file. See the [plugin docs](http://plugins.drone.io/drone-plugins/drone-slack/) for more. ```yaml - name: notify rocket chat image: plugins/slack depends_on: ["mybuild"] settings: webhook: from_secret: rc_builds_url username: foobar channel: "builds" template: "{{repo.owner}}/{{repo.name}} build failed: {{build.link}}" when: status: - failure ``` !!! warning You must include valid names of pipelines in your `depends_on` list field. This is so that the notification will wait until all other pipelines are run before performing the notification logic. #### Skipping CI builds Add `[ci skip]` into the git commit message. You don't have to run builds if you don't want to. ## Peertube #### How do I wire up Keycloak SSO? Use [this plugin](https://framagit.org/framasoft/peertube/official-plugins/tree/master/peertube-plugin-auth-openid-connect). #### How do I develop a custom theme? See [this approach](https://git.autonomic.zone/ruangrupa/peertube-plugin-lumbung-space).