mirror
/
wildebeest
kopia lustrzana https://github.com/cloudflare/wildebeest
1
0
Forkuj 0
Kod Zgłoszenia Packages Projekty Wydania Wiki Aktywność
wildebeest/docs/access-policy.md

3.1 KiB
Czysty Bezpośredni odnośnik Wina Historia

IndexBackSupported clients

Access Policy

Wildebeest has no user registration

Wildebeest uses Zero Trust Access to handle user authentication. It assumes that your users will register with another identity provider (Zero Trust supports many providers or your custom one that implements Generic SAML 2.0).

When you start using Wildebeest with a client, you don't need to register. Instead, you go straight to log in, which will redirect you to the Access page and handle the authentication step according to the policy that you defined earlier.

When authenticated, Access will redirect you back to Wildebeest. The first time this happens, we will detect that we don't have information about the user and ask for your Username and Display Name. This will be asked only once and is what will show in your public Mastodon profile.

first login

Configure your access policy

The installation process automatically created a Zero Trust Access application called wildebeest-your-github-user for you. Now you need to create a policy that defines who can have access to your Wildebeest instance.

Go to https://one.dash.cloudflare.com/access and select your account, then select Access / Applications and Edit the wildebeest-your-github-user application.

access applications

Now click Add a policy. Name the policy wildebeest-policy, set the action to Allow, and add an include rule with the list of Emails that you want to allow and then click Save policy

access policy

You're ready

Open your browser and go to your newly deployed Wildebeest domain https://social.example/ (replace social.example with your domain). You should see something like this:

ready

Go to https://social.example/api/v1/instance (replace social.example with your domain) and double-check your configuration. It should show:

{
	"description": "Private Mastodon Server",
	"email": "admin@social.example",
	"title": "My Wildebeest Server",
	"registrations": false,
	"version": "4.0.2",
	"rules": [],
	"uri": "social.example",
	"short_description": "Private Mastodon Server"
}

That's it, you're ready to start using your Wildebeest Mastodon compatible instance.

IndexBackSupported clients