Configuring Single Sign-On

calcom / docker

The Docker configuration for Cal.com is an effort powered by people within the community. Cal.com, Inc. does not provide official support for Docker, but we will accept fixes and documentation. Use at your own risk.

MIT License

662 stars 344 forks source link

Configuring Single Sign-On #247

Open chriscroome opened 1 year ago

chriscroome commented 1 year ago

I've followed the Build and Run Cal.com instructions and everything appears to be working apart from the SSO configuration page at /settings/security/sso, this displays:

Single Sign-On

saml_description

⚠️ unexpected character at line 1 column 1 of the JSON data

I suspect this is because according to the SSO setup instructions an additional database is needed, is there a suggested method for adding an additional database to the PostgreSQL Docker container other than doing it manually?

buzzard10 commented 1 year ago

Have you managed to figure this out? :)

chriscroome commented 1 year ago

Not yet, I've been working on other things, I guess manually creating the database is the way to solve this?

krumware commented 1 year ago

In kubernetes we use "init containers" for this type of thing, which is something I'm also migrating to in our org's calcom setup.

Check this out and see if it works for your case here: https://stackoverflow.com/questions/70322031/does-docker-compose-support-init-container You can probably create a busybox or other instance which connects to postgres and runs the create command, then make the calcom service dependent on it's completion.

chriscroome commented 1 year ago

None of these options sound ideal, since the PostgreSQL Docker container is designed to provide one database what about adding an additional PostgreSQL Docker container for the SSO database via the docker-compose.yaml file, would that be a easier option?

krumware commented 1 year ago

I don't know a whole lot about the SSO setup in particular, but that's fairly common in these cases. Just keep an eye out for port conflicts.

Worth noting, if someone is trying to use it with managed database server, that they still may need to run scripts for the database creation. In which case the init container approach could still be relevant.

buzzard10 commented 1 year ago

Does anyone have working docker-compose for cal.com with SSO? :)

andres-asm commented 8 months ago

you can create an additional DB easily by using psql

psql -h localhost -U unicorn_user

then in that prompt you can just type

create database calenso_saml

Then in your docker compose file

SAML_DATABASE_URL=postgresql://$${POSTGRES_USER}:${POSTGRES_PASSWORD}@${DATABASE_HOST}/${POSTGRES_DB}_saml
SAML_ADMINS=email@example.com,email2@example.com

But it's still not working for me

andres-asm commented 8 months ago

Ah no it does! But the feature is behind a paywall... Sad..

AndrewBucklin commented 7 months ago

...

Then in your docker compose file

SAML_DATABASE_URL=postgresql://$${POSTGRES_USER}:${POSTGRES_PASSWORD}@${DATABASE_HOST}/${POSTGRES_DB}_saml
SAML_ADMINS=email@example.com,email2@example.com

...

For anyone else who copy/pasted the environment variables provided by @andres-asm, remove the extra $ before {POSTGRES_USER}

corius498 commented 4 months ago

Is this really a enterprise feature? That's a pity, I would have liked to use cal.com.