From aadda1f314d729dd1b4f9e20b964decf7b9bee91 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fran=C3=A7ois-Xavier=20Payet?= Date: Tue, 7 Nov 2023 14:28:38 +0100 Subject: [PATCH] website/integrations: add FreshRSS (#7301) --- .../integrations/services/freshrss/index.md | 63 +++++++++++++++++++ website/sidebarsIntegrations.js | 1 + 2 files changed, 64 insertions(+) create mode 100644 website/integrations/services/freshrss/index.md diff --git a/website/integrations/services/freshrss/index.md b/website/integrations/services/freshrss/index.md new file mode 100644 index 000000000..cf5af2f02 --- /dev/null +++ b/website/integrations/services/freshrss/index.md @@ -0,0 +1,63 @@ +--- +title: FreshRSS +--- + +Support level: Community + +## What is FreshRSS + +> FreshRSS is a self-hosted RSS feed aggregator. +> +> -- https://github.com/FreshRSS/FreshRSS + +## Preparation + +The following placeholders will be used: + +- `freshrss.company` is the FQDN of the FreshRSS install. +- `port` is the port on which the FreshRSS install is running (usually 443) +- `authentik.company` is the FQDN of the authentik install. + +## authentik Configuration + +In Authentik, create an _OAuth2/OpenID Provider_ under _Applications > Providers_. + +** Protocol Settings ** +_Client Type_ : _Confidential_ + +:::note +Take note of the `Client ID` and `Client Secret`, you'll need them later. +::: + +_Redirect URIs/Origins_ : + +- `https://freshrss.company/i/oidc/` +- `https://freshrss.company:port/i/oidc` + +_Signing Key_ : Any of your signing keys + +Then click _Finish_ to create your provider. + +Then create an _Application_, note its slug, and assign it to the provider you've just created. + +## FreshRSS Configuration + +:::info +This integration only works with the Docker or Kubernetes install of FreshRSS, using [FreshRSS docker image](https://hub.docker.com/r/freshrss/freshrss/), on x86_64 systems and without the Alpine version of the image. More information can be found on [this issue on FreshRSS GitHub](https://github.com/FreshRSS/FreshRSS/issues/5722) +::: + +Add those environment variables to your _Docker_ image : + +- `OIDC_ENABLED` : `1` +- `OIDC_PROVIDER_METADATA_URL` : `https://authentik.company/application/o//.well-known/openid-configuration` replacing `` with the slug of your created application +- `OIDC_CLIENT_ID` : the client ID of your provider +- `OIDC_CLIENT_SECRET` : the client secret of your provider +- `OIDC_X_FORWARDED_HEADERS` : `X-Forwarded-Port X-Forwarded-Proto X-Forwarded-Host` +- `OIDC_SCOPES` : `openid email profile` + +Before restarting your Docker container, ensure that one of the Admin users of your FreshRSS instance has the same login as one of your Authentik user. + +Restart your FreshRSS container, and login as a user that exists on both FreshRSS and your Authentik. +Navigate to _Settings_ > _Authentication_ in your FreshRSS instance, and choose as an authentication method _HTTP (for advanced users with HTTPS)_ + +You can find additional information on [FreshRSS documentation](https://freshrss.github.io/FreshRSS/en/admins/16_OpenID-Connect.html) diff --git a/website/sidebarsIntegrations.js b/website/sidebarsIntegrations.js index 29b873e47..bc857116b 100644 --- a/website/sidebarsIntegrations.js +++ b/website/sidebarsIntegrations.js @@ -96,6 +96,7 @@ module.exports = { type: "category", label: "Miscellaneous", items: [ + "services/freshrss/index", "services/gravitee/index", "services/home-assistant/index", "services/jellyfin/index",