feat(vikunja): Configure Authelia OIDC authentication

Add Authelia OIDC configuration to Vikunja and remove Tinyauth middleware. Users can now authenticate with Vikunja using Authelia SSO.
2025-12-12 23:17:08 +00:00 · 2025-12-12 23:17:08 +00:00 · 249903825b
commit 249903825b
parent 75bdad695f
2 changed files with 9 additions and 1 deletions
--- a/compose/services/vikunja/.env
+++ b/compose/services/vikunja/.env
@ -20,6 +20,15 @@ VIKUNJA_SERVICE_JWTSECRET=changeme_please_set_random_jwt_secret
 # Timezone
 TZ=America/Los_Angeles

+# OpenID Connect (OIDC) Configuration (Authelia)
+# Docs: https://vikunja.io/docs/openid-connect/
+VIKUNJA_AUTH_OPENID_ENABLED=true
+VIKUNJA_AUTH_OPENID_REDIRECTURL=https://tasks.fig.systems/auth/openid/authelia
+VIKUNJA_AUTH_OPENID_PROVIDERS_AUTHELIA_NAME=Authelia
+VIKUNJA_AUTH_OPENID_PROVIDERS_AUTHELIA_AUTHURL=https://auth.fig.systems
+VIKUNJA_AUTH_OPENID_PROVIDERS_AUTHELIA_CLIENTID=vikunja
+VIKUNJA_AUTH_OPENID_PROVIDERS_AUTHELIA_CLIENTSECRET=wIsBlF0PQCvQyXjQbWw8ggbgdiWVFwmn
+
 # Database environment variables (for postgres container)
 POSTGRES_USER=vikunja
 POSTGRES_DB=vikunja
--- a/compose/services/vikunja/compose.yaml
+++ b/compose/services/vikunja/compose.yaml
@ -23,7 +23,6 @@ services:
      traefik.http.routers.vikunja.entrypoints: websecure
      traefik.http.routers.vikunja.tls.certresolver: letsencrypt
      traefik.http.services.vikunja.loadbalancer.server.port: 3456
-      traefik.http.routers.vikunja.middlewares: tinyauth

  vikunja-db:
    container_name: vikunja-db