From 9371c99797b491e608481025fce678454ce6e484 Mon Sep 17 00:00:00 2001
From: josedario87 <jodarioel87@gmail.com>
Date: Sat, 1 Nov 2025 00:00:15 -0600
Subject: [PATCH] Fix: Usar URL interna de Authentik para OIDC
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- Agregar variable AUTHENTIK_ISSUER_INTERNAL
- Cambiar issuer a http://172.19.0.5:9000/application/o/meshcentral/
- Conexión directa HTTP interna en lugar de HTTPS externa
---
 .gitea/workflows/build-and-deploy.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/.gitea/workflows/build-and-deploy.yml b/.gitea/workflows/build-and-deploy.yml
index 0bca7ff..fafaab2 100644
--- a/.gitea/workflows/build-and-deploy.yml
+++ b/.gitea/workflows/build-and-deploy.yml
@@ -13,6 +13,7 @@ jobs:
       MESH_PORT: ${{ vars.MESH_PORT }}
       # Authentik OIDC configuration
       AUTHENTIK_ISSUER: ${{ vars.AUTHENTIK_ISSUER }}
+      AUTHENTIK_ISSUER_INTERNAL: ${{ vars.AUTHENTIK_ISSUER_INTERNAL }}
       AUTHENTIK_CLIENT_ID: ${{ secrets.AUTHENTIK_CLIENT_ID }}
       AUTHENTIK_CLIENT_SECRET: ${{ secrets.AUTHENTIK_CLIENT_SECRET }}
     steps:
@@ -65,7 +66,7 @@ jobs:
                 "allowFraming": false,
                 "authStrategies": {
                   "oidc": {
-                    "issuer": "${{ vars.AUTHENTIK_ISSUER }}",
+                    "issuer": "${{ vars.AUTHENTIK_ISSUER_INTERNAL }}",
                     "clientid": "${{ secrets.AUTHENTIK_CLIENT_ID }}",
                     "clientsecret": "${{ secrets.AUTHENTIK_CLIENT_SECRET }}",
                     "newAccounts": true