From 694888c4a1c33942d8e7bed5bde41da843dcfa4d Mon Sep 17 00:00:00 2001
From: anima <p.schreiner@4nima.de>
Date: Wed, 1 Oct 2025 17:44:15 +0200
Subject: [PATCH] add oidc module config

---
 README.md   |  2 ++
 compose.yml | 23 +++++++++++++++++++++++
 env.sample  | 14 +++++++++++++-
 3 files changed, 38 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index e718dae..12b4c86 100644
--- a/README.md
+++ b/README.md
@@ -17,6 +17,8 @@ This is a auto setup [Icinga](https://icinga.com) stack, means:
     * with [Icinga DB Web](https://icinga.com/docs/icinga-db-web/latest/)
     * with [Grafana](https://grafana.com/grafana/)
       * [icingaweb2-module-grafana](https://github.com/NETWAYS/icingaweb2-module-grafana)
+    * with OIDC / OAuth
+      * [icingaweb2-module-oidc](https://github.com/RISE-GmbH/icingaweb2-module-oidc)
     * [MariaDB](https://mariadb.org) (Config DB)
 
 * [AO-IT: icinga-satellite](https://git.ao-it.net/docker/icinga-satellite) (optional, not in this repo)
diff --git a/compose.yml b/compose.yml
index 98f1208..2186999 100644
--- a/compose.yml
+++ b/compose.yml
@@ -32,6 +32,14 @@ services:
       - ICINGAWEB2_RESOURCES__${ICINGAWEB_DB_RESOURCE_NAME:-icingaweb_db}__username=${ICINGAWEB_DB_USER:-icingaweb}
       - ICINGAWEB2_RESOURCES__${ICINGAWEB_DB_RESOURCE_NAME:-icingaweb_db}__password=${ICINGAWEB_DB_PASS:-icingaweb}
       - ICINGAWEB2_RESOURCES__${ICINGAWEB_DB_RESOURCE_NAME:-icingaweb_db}__charset=utf8mb4
+      ### module oidc db for icingaweb2
+      - ICINGAWEB2_RESOURCES__${OIDC_RESOURCE_NAME:-icingaweb_oidc_db}__type=db
+      - ICINGAWEB2_RESOURCES__${OIDC_RESOURCE_NAME:-icingaweb_oidc_db}__db=mysql
+      - ICINGAWEB2_RESOURCES__${OIDC_RESOURCE_NAME:-icingaweb_oidc_db}__host=${OIDC_DB_HOST:-db_icingaweb_oidc}
+      - ICINGAWEB2_RESOURCES__${OIDC_RESOURCE_NAME:-icingaweb_oidc_db}__dbname=${OIDC_DB:-icingaweb_oidc}
+      - ICINGAWEB2_RESOURCES__${OIDC_RESOURCE_NAME:-icingaweb_oidc_db}__username=${OIDC_DB_USER:-icingaweb_oidc}
+      - ICINGAWEB2_RESOURCES__${OIDC_RESOURCE_NAME:-icingaweb_oidc_db}__password=${OIDC_DB_PASS:-icingaweb_oidc}
+      - ICINGAWEB2_RESOURCES__${OIDC_RESOURCE_NAME:-icingaweb_oidc_db}__charset=utf8mb4
       ### module: icingadb db resource
       - ICINGAWEB2_RESOURCES__${ICINGAWDB_RESOURCE_NAME:-icingadb}__type=db
       - ICINGAWEB2_RESOURCES__${ICINGAWDB_RESOURCE_NAME:-icingadb}__db=mysql
@@ -88,6 +96,21 @@ services:
       MARIADB_USER: ${ICINGAWEB_DB_USER:-icingaweb}
       MARIADB_PASSWORD: ${ICINGAWEB_DB_PASS:-icingaweb}
 
+  db_icingaweb_oidc:
+    image: mariadb:latest
+    hostname: ${OIDC_DB_HOST:-db_icingaweb_oidc}
+    restart: always
+    volumes:
+      - ./files/dbs/icingaweb_oidc:/var/lib/mysql
+      - /etc/localtime:/etc/localtime:ro
+    networks:
+      - icinga
+    environment:
+      MARIADB_RANDOM_ROOT_PASSWORD: yes
+      MARIADB_DATABASE: ${OIDC_DB:-icingaweb_oidc}
+      MARIADB_USER: ${OIDC_DB_USER:-icingaweb_oidc}
+      MARIADB_PASSWORD: ${OIDC_DB_PASS:-icingaweb_oidc}
+
   grafana:
     image: grafana/grafana:latest
     hostname: grafana
diff --git a/env.sample b/env.sample
index c51e23c..c6d0dad 100644
--- a/env.sample
+++ b/env.sample
@@ -3,7 +3,7 @@
 ### icinga
 API_ROOT_PASS=changeME!
 
-### icingaweb db connection
+### icingaweb2 db connection
 ICINGAWEB_DB_RESOURCE_NAME=icingaweb_db
 ICINGAWEB_DB=icingaweb
 ICINGAWEB_DB_HOST=db_icingaweb
@@ -27,6 +27,18 @@ ICINGA_DB_PORT=3306
 ICINGA_DB_USER=icingadb
 ICINGA_DB_PASS=icingadb
 
+### icingaweb module oidc connection
+OIDC_RESOURCE_NAME=icingaweb_oidc_db
+OIDC_DB=icingaweb_oidc
+OIDC_DB_HOST=db_icingaweb_oidc
+OIDC_DB_USER=icingaweb_oidc
+OIDC_DB_PASS=icingaweb_oidc
+
+OIDC_DB=icingadb_oidc
+OIDC_DB_HOST=db_icingaweb_oidc
+OIDC_DB_USER=icingadb_oidc
+OIDC_DB_PASS=icingadb_oidc
+
 ### icingadb redis connection
 ICINGADB_REDIS_HOST=redis
 ICINGADB_REDIS_PORT=6379