feat: OpenID NoteKfet pour mediawiki

hosts/vm/mediakiwi/default.nix

@@ -16,7 +16,7 @@
     enable = true;
 
     networking = {
-      id = "44";
+      id = 144;
       srvNat.enable = true;
     };
 

hosts/vm/mediakiwi/mediawiki.nix

@@ -16,6 +16,11 @@ in
     owner = "mediawiki";
   };
 
+  age.secrets.mediawiki-openid = {
+    file = ../../../secrets/mediakiwi/mediawiki-openid.age;
+    owner = "mediawiki";
+  };
+
   environment.systemPackages = with pkgs; [
     imagemagick
 
@@ -101,6 +106,8 @@ in
       $wgPluggableAuth_EnableLocalLogin = true;
       $LDAPAuthentication2AllowLocalLogin = true;
       $LDAPProviderDomainConfigs = "${config.age.secrets.mediawiki-ldap.path}";
+      # On importe les secrets pour l'OpenID.
+      require '${config.age.secrets.mediawiki-openid.path}';
       $wgPluggableAuth_Config = [
         "Compte Crans" => [
           'plugin' => 'LDAPAuthentication2',
@@ -108,9 +115,14 @@ in
             'domain' => 'crans'
           ]
         ],
-        # "Note BDE" => [
-        #   'plugin' => 'OpenIDConnect',
-        # ]
+        "Note BDE" => [
+          'plugin' => 'OpenIDConnect',
+          'data' => [
+            'providerURL' => 'https://note.crans.org/o/',
+            'clientID' => $SecretAgeOpenIDClientID,
+            'clientsecret' => $SecretAgeOpenIDClientSecret,
+          ]
+        ]
       ];
     
       # Theme