Merge branch 'main' into dev-gitlab

ansible/roles/authelia-for-dokuwiki/defaults/main.json

@@ -0,0 +1,5 @@
+{
+	"var_authelia_for_dokuwiki_dokuwiki_url_base": "https://dokuwiki.example.org",
+	"var_authelia_for_dokuwiki_client_id": "dokuwiki",
+	"var_authelia_for_dokuwiki_client_secret": "REPLACE_ME"
+}

ansible/roles/authelia-for-dokuwiki/info.md

@@ -0,0 +1,3 @@
+## Beschreibung
+
+Um [DokuWiki](../dokuwiki) gegen [Authelia](../authelia) authentifizieren zu lassen

ansible/roles/authelia-for-dokuwiki/tasks/main.json

@@ -0,0 +1,25 @@
+[
+	{
+		"name": "configuration | emplace",
+		"become": true,
+		"ansible.builtin.template": {
+			"src": "authelia-client-conf.json.j2",
+			"dest": "/etc/authelia/conf.d/clients/dokuwiki.json"
+		}
+	},
+	{
+		"name": "configuration | apply",
+		"become": true,
+		"ansible.builtin.command": {
+			"cmd": "/usr/bin/authelia-conf-compose"
+		}
+	},
+	{
+		"name": "restart service",
+		"become": true,
+		"ansible.builtin.systemd_service": {
+			"state": "restarted",
+			"name": "authelia"
+		}
+	}
+]

ansible/roles/authelia-for-dokuwiki/templates/authelia-client-conf.json.j2

@@ -0,0 +1,17 @@
+{
+	"client_id": "{{var_authelia_for_dokuwiki_client_id}}",
+	"client_secret": "{{var_authelia_for_dokuwiki_client_secret}}",
+	"client_name": "DokuWiki",
+	"public": false,
+	"authorization_policy": "one_factor",
+	"redirect_uris": [
+		"{{var_authelia_for_dokuwiki_dokuwiki_url_base}}/doku.php"
+	],
+	"scopes": [
+		"openid",
+		"email",
+		"profile",
+		"groups"
+	],
+	"token_endpoint_auth_method": "client_secret_post"
+}

ansible/roles/authelia-for-hedgedoc/templates/authelia-client-conf.json.j2

@@ -24,5 +24,6 @@
 		"query",
 		"fragment"
 	],
-	"userinfo_signed_response_alg": "none"
+	"userinfo_signed_response_alg": "none",
+	"token_endpoint_auth_method": "client_secret_post"
 }

ansible/roles/authelia/tasks/main.json

@@ -106,7 +106,8 @@
 		"become": true,
 		"ansible.builtin.template": {
 			"src": "users.yml.j2",
-			"dest": "{{var_authelia_users_file_path}}"
+			"dest": "{{var_authelia_users_file_path}}",
+			"force": false
 		}
 	},
 	{

ansible/roles/dokuwiki-and-nginx/defaults/main.json

@@ -0,0 +1,5 @@
+{
+	"var_dokuwiki_and_nginx_directory": "/opt/dokuwiki",
+	"var_dokuwiki_and_nginx_domain": "dokuwiki.example.org",
+	"var_dokuwiki_and_nginx_tls_enable": true
+}

ansible/roles/dokuwiki-and-nginx/info.md

@@ -0,0 +1,8 @@
+## Beschreibung
+
+- zur Einrichtung von [nginx](../nginx) als Reverse-Proxy für [DokuWiki](../dokuwiki)
+
+
+## Verweise
+
+- [DokuWiki-Dokumentation | nginx](https://www.dokuwiki.org/install:nginx)

ansible/roles/dokuwiki-and-nginx/tasks/main.json

@@ -0,0 +1,35 @@
+[
+	{
+		"name": "deactivate default site",
+		"become": true,
+		"ansible.builtin.file": {
+			"state": "absent",
+			"dest": "/etc/nginx/sites-enabled/default"
+		}
+	},
+	{
+		"name": "emplace configuration | data",
+		"become": true,
+		"ansible.builtin.template": {
+			"src": "conf.j2",
+			"dest": "/etc/nginx/sites-available/{{var_dokuwiki_and_nginx_domain}}"
+		}
+	},
+	{
+		"name": "emplace configuration | link",
+		"become": true,
+		"ansible.builtin.file": {
+			"state": "link",
+			"src": "/etc/nginx/sites-available/{{var_dokuwiki_and_nginx_domain}}",
+			"dest": "/etc/nginx/sites-enabled/{{var_dokuwiki_and_nginx_domain}}"
+		}
+	},
+	{
+		"name": "restart nginx",
+		"become": true,
+		"ansible.builtin.systemd_service": {
+			"state": "restarted",
+			"name": "nginx"
+		}
+	}
+]

ansible/roles/dokuwiki-and-nginx/templates/conf.j2

@@ -0,0 +1,62 @@
+server {
+	listen 80;
+	listen [::]:80;
+	server_name {{var_dokuwiki_and_nginx_domain}};
+	return 301 https://$server_name$request_uri;
+}
+ 
+server {
+	listen [::]:443 ssl;
+	listen 443 ssl;
+	
+	server_name {{var_dokuwiki_and_nginx_domain}};
+	
+{% if var_dokuwiki_and_nginx_tls_enable %}
+	ssl_certificate /etc/ssl/fullchains/{{var_dokuwiki_and_nginx_domain}}.pem;
+	ssl_certificate_key /etc/ssl/private/{{var_dokuwiki_and_nginx_domain}}.pem;
+	ssl_session_timeout 5m;
+	ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES";
+{% endif %}
+	
+	# Maximum file upload size is 4MB - change accordingly if needed
+	client_max_body_size 4M;
+	client_body_buffer_size 128k;
+	
+	root {{var_dokuwiki_and_nginx_directory}};
+	index doku.php;
+	
+	#Remember to comment the below out when you're installing, and uncomment it when done.
+	location ~ /(conf/|bin/|inc/|vendor/|install.php) {
+		deny all;
+	}
+	
+	#Support for X-Accel-Redirect
+	location ~ ^/data/ {
+		internal;
+	}
+	
+	location ~ ^/lib.*\.(js|css|gif|png|ico|jpg|jpeg)$ {
+		expires 365d;
+	}
+	
+	location / {
+		try_files $uri $uri/ @dokuwiki;
+	}
+	
+	location @dokuwiki {
+		# rewrites "doku.php/" out of the URLs if you set the userwrite setting to .htaccess in dokuwiki config page
+		rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last;
+		rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last;
+		rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last;
+		rewrite ^/(.*) /doku.php?id=$1&$args last;
+	}
+	
+	location ~ \.php$ {
+		try_files $uri $uri/ /doku.php;
+		include fastcgi_params;
+		fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+		fastcgi_param REDIRECT_STATUS 200;
+		fastcgi_pass unix:/var/run/php/php8.2-fpm.sock;
+		# fastcgi_pass unix:/var/run/php5-fpm.sock; #old php version
+	}
+}

ansible/roles/dokuwiki/defaults/main.json

@@ -0,0 +1,22 @@
+{
+	"var_dokuwiki_directory": "/opt/dokuwiki",
+	"var_dokuwiki_title": "DokuWiki",
+	"var_dokuwiki_language": "en",
+	"var_dokuwiki_licence": "cc-by-sa",
+	"var_dokuwiki_authentication_kind": "internal",
+	"var_dokuwiki_authentication_data_generic_auth_url": "https://auth.example.org/api/oidc/authorize",
+	"var_dokuwiki_authentication_data_generic_token_url": "https://auth.example.org/api/oidc/token",
+	"var_dokuwiki_authentication_data_generic_user_url": "https://auth.example.org/api/oidc/userinfo",
+	"var_dokuwiki_authentication_data_generic_client_id": "dokuwiki",
+	"var_dokuwiki_authentication_data_generic_client_secret": "REPLACE_ME",
+	"var_dokuwiki_authentication_data_generic_title": "external auth",
+	"var_dokuwiki_authentication_data_authelia_url_base": "https://authelia.example.org",
+	"var_dokuwiki_authentication_data_authelia_client_id": "dokuwiki",
+	"var_dokuwiki_authentication_data_authelia_client_secret": "REPLACE_ME",
+	"var_dokuwiki_authentication_data_authelia_label": "Authelia",
+	"var_dokuwiki_admin_user_define": true,
+	"var_dokuwiki_admin_user_name": "admin",
+	"var_dokuwiki_admin_user_password": "REPLACE_ME",
+	"var_dokuwiki_admin_user_label": "Admin",
+	"var_dokuwiki_admin_user_email_address": "dokuwiki-admin@example.org"
+}

ansible/roles/dokuwiki/info.md

@@ -0,0 +1,11 @@
+## Beschreibung
+
+Für das leicht-gewichtige Wiki-System [DokuWiki](https://www.dokuwiki.org/dokuwiki)
+
+
+## Verweise
+
+- [Dokumentation | Installation](https://www.dokuwiki.org/install)
+- [Dokumentation | Ansible](https://www.dokuwiki.org/install:ansible)
+- [Plugin: oAuth](https://www.dokuwiki.org/plugin:oauth)
+- [Plugin: oAuthGeneric](https://www.dokuwiki.org/plugin:oauthgeneric)

ansible/roles/dokuwiki/tasks/main.json

@@ -0,0 +1,210 @@
+[
+	{
+		"name": "packages",
+		"become": true,
+		"ansible.builtin.apt": {
+			"pkg": [
+				"unzip",
+				"php8.2-fpm",
+				"php8.2-xml"
+			]
+		}
+	},
+	{
+		"name": "core | preparation",
+		"ansible.builtin.file": {
+			"state": "directory",
+			"path": "/tmp/dokuwiki-core"
+		}
+	},
+	{
+		"name": "core | acquisition",
+		"ansible.builtin.get_url": {
+			"url": "https://download.dokuwiki.org/src/dokuwiki/dokuwiki-stable.tgz",
+			"dest": "/tmp/dokuwiki.tgz"
+		}
+	},
+	{
+		"name": "core | extraction",
+		"ansible.builtin.unarchive": {
+			"remote_src": true,
+			"src": "/tmp/dokuwiki.tgz",
+			"dest": "/tmp/dokuwiki-core"
+		}
+	},
+	{
+		"name": "core | version retrieval",
+		"ansible.builtin.command": {
+			"cmd": "ls /tmp/dokuwiki-core"
+		},
+		"register": "temp_core_version_output"
+	},
+	{
+		"name": "core | directory",
+		"become": true,
+		"ansible.builtin.file": {
+			"state": "directory",
+			"path": "{{var_dokuwiki_directory}}",
+			"owner": "www-data"
+		}
+	},
+	{
+		"name": "core | emplacement",
+		"become": true,
+		"ansible.builtin.copy": {
+			"remote_src": true,
+			"src": "/tmp/dokuwiki-core/{{temp_core_version_output.stdout}}/",
+			"dest": "{{var_dokuwiki_directory}}",
+			"owner": "www-data"
+		}
+	},
+	{
+		"name": "plugin 'oauth' | preparation",
+		"ansible.builtin.file": {
+			"state": "directory",
+			"path": "/tmp/dokuwiki-plugin-oauth"
+		}
+	},
+	{
+		"name": "plugin 'oauth' | acquisition",
+		"when": "var_dokuwiki_oauth2_enable",
+		"ansible.builtin.get_url": {
+			"url": "https://github.com/cosmocode/dokuwiki-plugin-oauth/zipball/master",
+			"dest": "/tmp/dokuwiki-plugin-oauth-base.zip"
+		}
+	},
+	{
+		"name": "plugin 'oauth' | extraction",
+		"when": "var_dokuwiki_oauth2_enable",
+		"ansible.builtin.unarchive": {
+			"remote_src": true,
+			"src": "/tmp/dokuwiki-plugin-oauth-base.zip",
+			"dest": "/tmp/dokuwiki-plugin-oauth"
+		}
+	},
+	{
+		"name": "plugin 'oauth' | version retrieval",
+		"when": "var_dokuwiki_oauth2_enable",
+		"ansible.builtin.command": {
+			"cmd": "ls -1 /tmp/dokuwiki-plugin-oauth"
+		},
+		"register": "temp_plugin_oauth_base_version_output"
+	},
+	{
+		"name": "plugin 'oauth' | directory",
+		"when": "var_dokuwiki_oauth2_enable",
+		"become": true,
+		"ansible.builtin.file": {
+			"state": "directory",
+			"dest": "{{var_dokuwiki_directory}}/lib/plugins/oauth",
+			"owner": "www-data"
+		}
+	},
+	{
+		"name": "plugin 'oauth' | emplacement",
+		"when": "var_dokuwiki_oauth2_enable",
+		"become": true,
+		"ansible.builtin.copy": {
+			"remote_src": true,
+			"src": "/tmp/dokuwiki-plugin-oauth/{{temp_plugin_oauth_base_version_output.stdout}}/",
+			"dest": "{{var_dokuwiki_directory}}/lib/plugins/oauth",
+			"owner": "www-data"
+		}
+	},
+	{
+		"name": "plugin 'oauthgeneric' | preparation",
+		"ansible.builtin.file": {
+			"state": "directory",
+			"path": "/tmp/dokuwiki-plugin-oauthgeneric"
+		}
+	},
+	{
+		"name": "plugin 'oauthgeneric' | acquisition",
+		"when": "var_dokuwiki_oauth2_enable",
+		"ansible.builtin.get_url": {
+			"url": "https://github.com/cosmocode/dokuwiki-plugin-oauthgeneric/zipball/master",
+			"dest": "/tmp/dokuwiki-plugin-oauth-generic.zip"
+		}
+	},
+	{
+		"name": "plugin 'oauthgeneric' | extraction",
+		"when": "var_dokuwiki_oauth2_enable",
+		"ansible.builtin.unarchive": {
+			"remote_src": true,
+			"src": "/tmp/dokuwiki-plugin-oauth-generic.zip",
+			"dest": "/tmp/dokuwiki-plugin-oauthgeneric"
+		}
+	},
+	{
+		"name": "plugin 'oauthgeneric' | version retrieval",
+		"when": "var_dokuwiki_oauth2_enable",
+		"ansible.builtin.command": {
+			"cmd": "ls -1 /tmp/dokuwiki-plugin-oauthgeneric"
+		},
+		"register": "temp_plugin_oauth_generic_version_output"
+	},
+	{
+		"name": "plugin 'oauthgeneric' | directory",
+		"when": "var_dokuwiki_oauth2_enable",
+		"become": true,
+		"ansible.builtin.file": {
+			"state": "directory",
+			"dest": "{{var_dokuwiki_directory}}/lib/plugins/oauthgeneric",
+			"owner": "www-data"
+		}
+	},
+	{
+		"name": "plugin 'oauthgeneric' | emplacement",
+		"when": "var_dokuwiki_oauth2_enable",
+		"become": true,
+		"ansible.builtin.copy": {
+			"remote_src": true,
+			"src": "/tmp/dokuwiki-plugin-oauthgeneric/{{temp_plugin_oauth_generic_version_output.stdout}}/",
+			"dest": "{{var_dokuwiki_directory}}/lib/plugins/oauthgeneric",
+			"owner": "www-data"
+		}
+	},
+	{
+		"name": "admin user password",
+		"when": "var_dokuwiki_admin_user_define",
+		"ansible.builtin.set_fact": {
+			"temp_password_hash": "{{var_dokuwiki_admin_user_password | ansible.builtin.password_hash(hashtype='sha512')}}"
+		}
+	},
+	{
+		"name": "configuration | local",
+		"become": true,
+		"ansible.builtin.template": {
+			"src": "conf-local.php.j2",
+			"dest": "{{var_dokuwiki_directory}}/conf/local.php",
+			"owner": "www-data"
+		}
+	},
+	{
+		"name": "configuration | plugins",
+		"become": true,
+		"ansible.builtin.template": {
+			"src": "conf-plugins.local.php.j2",
+			"dest": "{{var_dokuwiki_directory}}/conf/plugins.local.php",
+			"owner": "www-data"
+		}
+	},
+	{
+		"name": "configuration | acl",
+		"become": true,
+		"ansible.builtin.template": {
+			"src": "conf-acl.auth.php.j2",
+			"dest": "{{var_dokuwiki_directory}}/conf/acl.auth.php",
+			"owner": "www-data"
+		}
+	},
+	{
+		"name": "configuration | users",
+		"become": true,
+		"ansible.builtin.template": {
+			"src": "conf-users.auth.php.j2",
+			"dest": "{{var_dokuwiki_directory}}/conf/users.auth.php",
+			"owner": "www-data"
+		}
+	}
+]

ansible/roles/dokuwiki/templates/conf-acl.auth.php.j2

@@ -0,0 +1,7 @@
+# acl.auth.php
+# <?php exit()?>
+# Don't modify the lines above
+#
+# Access Control Lists
+*               @ALL          0
+*               @user         8

ansible/roles/dokuwiki/templates/conf-local.php.j2

@@ -0,0 +1,51 @@
+<?php
+$conf['title'] = '{{var_dokuwiki_title}}';
+$conf['lang'] = '{{var_dokuwiki_language}}';
+$conf['license'] = '{{var_dokuwiki_licence}}';
+$conf['useacl'] = 1;
+$conf['superuser'] = '@admin';
+$conf['passcrypt'] = 'bcrypt';
+{% if var_dokuwiki_authentication_kind == 'internal' %}
+$conf['authtype'] = 'authplain';
+{% endif %}
+{% if var_dokuwiki_authentication_kind == 'generic' %}
+$conf['authtype'] = 'oauth';
+$conf['disableactions'] = 'register,resendpwd,profile,profile_delete';
+$conf['plugin']['oauth']['singleService'] = 0;
+$conf['plugin']['oauth']['register-on-auth'] = 1;
+$conf['plugin']['oauthgeneric']['key'] = '{{var_dokuwiki_authentication_data_generic_client_id}}';
+$conf['plugin']['oauthgeneric']['secret'] = '{{var_dokuwiki_authentication_data_generic_client_secret}}';
+$conf['plugin']['oauthgeneric']['authurl'] = '{{var_dokuwiki_authentication_data_generic_auth_url}}';
+$conf['plugin']['oauthgeneric']['tokenurl'] = '{{var_dokuwiki_authentication_data_generic_token_url}}';
+$conf['plugin']['oauthgeneric']['userurl'] = '{{var_dokuwiki_authentication_data_generic_user_url}}';
+$conf['plugin']['oauthgeneric']['authmethod'] = 1;
+$conf['plugin']['oauthgeneric']['scopes'] = ['openid','email','profile','groups'];
+$conf['plugin']['oauthgeneric']['needs-state'] = 1;
+$conf['plugin']['oauthgeneric']['json-user'] = 'sub';
+$conf['plugin']['oauthgeneric']['json-name'] = 'name';
+$conf['plugin']['oauthgeneric']['json-mail'] = 'email';
+$conf['plugin']['oauthgeneric']['json-grps'] = 'groups';
+$conf['plugin']['oauthgeneric']['label'] = '{{var_dokuwiki_authentication_data_generic_title}}';
+$conf['plugin']['oauthgeneric']['color'] = '#333333';
+{% endif %}
+{% if var_dokuwiki_authentication_kind == 'authelia' %}
+$conf['authtype'] = 'oauth';
+$conf['disableactions'] = 'register,resendpwd,profile,profile_delete';
+$conf['plugin']['oauth']['singleService'] = 0;
+$conf['plugin']['oauth']['register-on-auth'] = 1;
+$conf['plugin']['oauthgeneric']['key'] = '{{var_dokuwiki_authentication_data_authelia_client_id}}';
+$conf['plugin']['oauthgeneric']['secret'] = '{{var_dokuwiki_authentication_data_authelia_client_secret}}';
+$conf['plugin']['oauthgeneric']['authurl'] = '{{var_dokuwiki_authentication_data_authelia_url_base}}/api/oidc/authorize';
+$conf['plugin']['oauthgeneric']['tokenurl'] = '{{var_dokuwiki_authentication_data_authelia_url_base}}/api/oidc/token';
+$conf['plugin']['oauthgeneric']['userurl'] = '{{var_dokuwiki_authentication_data_authelia_url_base}}/api/oidc/userinfo';
+$conf['plugin']['oauthgeneric']['authmethod'] = 1;
+$conf['plugin']['oauthgeneric']['scopes'] = ['openid','email','profile','groups'];
+$conf['plugin']['oauthgeneric']['needs-state'] = 1;
+$conf['plugin']['oauthgeneric']['json-user'] = 'sub';
+$conf['plugin']['oauthgeneric']['json-name'] = 'name';
+$conf['plugin']['oauthgeneric']['json-mail'] = 'email';
+$conf['plugin']['oauthgeneric']['json-grps'] = 'groups';
+$conf['plugin']['oauthgeneric']['label'] = '{{var_dokuwiki_authentication_data_authelia_label}}';
+$conf['plugin']['oauthgeneric']['color'] = '#333333';
+{% endif %}
+

ansible/roles/dokuwiki/templates/conf-plugins.local.php.j2

@@ -0,0 +1,9 @@
+<?php
+$plugins['authad'] = 0;
+$plugins['authldap'] = 0;
+$plugins['authmysql'] = 0;
+$plugins['authpgsql'] = 0;
+{% if var_dokuwiki_oauth2_enable %}
+$plugins['oauth'] = 1;
+$plugins['oauthgeneric'] = 1;
+{% endif %}

ansible/roles/dokuwiki/templates/conf-users.auth.php.j2

@@ -0,0 +1,9 @@
+# users.auth.php
+# <?php exit()?>
+# Don't modify the lines above
+#
+# Userfile
+
+{% if var_dokuwiki_admin_user_define %}
+{{var_dokuwiki_admin_user_name}}:{{temp_password_hash}}:{{var_dokuwiki_admin_user_label}}:{{var_dokuwiki_admin_user_email_address}}:admin,user
+{% endif %}

ansible/roles/dokuwiki/vardef.json

@@ -0,0 +1,87 @@
+{
+	"directory": {
+		"type": "string",
+		"mandatory": false
+	},
+	"title": {
+		"type": "string",
+		"mandatory": false
+	},
+	"language": {
+		"type": "string",
+		"mandatory": false
+	},
+	"licence": {
+		"type": "string",
+		"mandatory": false
+	},
+	"authentication_kind": {
+		"type": "string",
+		"options": [
+			"internal",
+			"generic",
+			"authelia"
+		],
+		"mandatory": false
+	},
+	"authentication_data_generic_auth_url": {
+		"type": "string",
+		"mandatory": false
+	},
+	"authentication_data_generic_token_url": {
+		"type": "string",
+		"mandatory": false
+	},
+	"authentication_data_generic_user_url": {
+		"type": "string",
+		"mandatory": false
+	},
+	"authentication_data_generic_client_id": {
+		"type": "string",
+		"mandatory": false
+	},
+	"authentication_data_generic_client_secret": {
+		"type": "string",
+		"mandatory": false
+	},
+	"authentication_data_generic_title": {
+		"type": "string",
+		"mandatory": false
+	},
+	"authentication_data_authelia_url_base": {
+		"type": "string",
+		"mandatory": false
+	},
+	"authentication_data_authelia_client_id": {
+		"type": "string",
+		"mandatory": false
+	},
+	"authentication_data_authelia_client_secret": {
+		"type": "string",
+		"mandatory": false
+	},
+	"authentication_data_authelia_label": {
+		"type": "string",
+		"mandatory": false
+	},
+	"admin_user_define": {
+		"type": "boolean",
+		"mandatory": false
+	},
+	"admin_user_name": {
+		"type": "string",
+		"mandatory": false
+	},
+	"admin_user_password": {
+		"type": "string",
+		"mandatory": false
+	},
+	"admin_user_label": {
+		"type": "string",
+		"mandatory": false
+	},
+	"admin_user_email_address": {
+		"type": "string",
+		"mandatory": false
+	}
+}

ansible/roles/hedgedoc/templates/config.json.j2

@@ -38,9 +38,9 @@
 			"userProfileUsernameAttr": "sub",
 			"userProfileDisplayNameAttr": "name",
 			"userProfileEmailAttr": "email",
-			"userProfileURL": "{{var_hedgedoc_authentication_data_authelia_url_base}}/profile",
+			"userProfileURL": "{{var_hedgedoc_authentication_data_authelia_url_base}}/api/oidc/userinfo",
-			"tokenURL": "{{var_hedgedoc_authentication_data_authelia_url_base}}/token",
+			"tokenURL": "{{var_hedgedoc_authentication_data_authelia_url_base}}/api/oidc/token",
-			"authorizationURL": "{{var_hedgedoc_authentication_data_authelia_url_base}}/authorization"
+			"authorizationURL": "{{var_hedgedoc_authentication_data_authelia_url_base}}/api/oidc/authorize"
 		},
 		"email": false,
 		"allowEmailRegister": false,