diff --git a/api/tacticalrmm/tacticalrmm/urls.py b/api/tacticalrmm/tacticalrmm/urls.py index b5b190944d..8a248619f0 100644 --- a/api/tacticalrmm/tacticalrmm/urls.py +++ b/api/tacticalrmm/tacticalrmm/urls.py @@ -24,8 +24,6 @@ def to_url(self, value): urlpatterns = [ path("", home), - # all auth urls - path("_allauth/", include(allauth_urls)), path("v2/checkcreds/", CheckCredsV2.as_view()), path("v2/login/", LoginViewV2.as_view()), path("logout/", knox_views.LogoutView.as_view()), @@ -44,10 +42,15 @@ def to_url(self, value): path("scripts/", include("scripts.urls")), path("alerts/", include("alerts.urls")), path("accounts/", include("accounts.urls")), - path("accounts/", include("ee.sso.urls")), path("reporting/", include("ee.reporting.urls")), ] +if not getattr(settings, "TRMM_DISABLE_SSO", False): + urlpatterns += ( + path("_allauth/", include(allauth_urls)), + path("accounts/", include("ee.sso.urls")), + ) + if getattr(settings, "BETA_API_ENABLED", False): urlpatterns += (path("beta/v1/", include("beta.v1.urls")),) diff --git a/docker/.env.example b/docker/.env.example index 51c20b98ea..0321927b66 100644 --- a/docker/.env.example +++ b/docker/.env.example @@ -5,7 +5,7 @@ VERSION=latest TRMM_USER=tactical TRMM_PASS=tactical -# optional web port override settings +# optional web port override settings TRMM_HTTP_PORT=80 TRMM_HTTPS_PORT=443 @@ -30,3 +30,6 @@ TRMM_DISABLE_WEB_TERMINAL=False # disable server side scripts TRMM_DISABLE_SERVER_SCRIPTS=False + +# disable sso +TRMM_DISABLE_SSO=False diff --git a/docker/containers/tactical/entrypoint.sh b/docker/containers/tactical/entrypoint.sh index eb35a71293..0eda08394e 100644 --- a/docker/containers/tactical/entrypoint.sh +++ b/docker/containers/tactical/entrypoint.sh @@ -20,6 +20,7 @@ set -e : "${SKIP_UWSGI_CONFIG:=0}" : "${TRMM_DISABLE_WEB_TERMINAL:=False}" : "${TRMM_DISABLE_SERVER_SCRIPTS:=False}" +: "${TRMM_DISABLE_SSO:=False}" : "${CERT_PRIV_PATH:=${TACTICAL_DIR}/certs/privkey.pem}" : "${CERT_PUB_PATH:=${TACTICAL_DIR}/certs/fullchain.pem}" @@ -120,6 +121,7 @@ MESH_WS_URL = '${MESH_WS_URL}' ADMIN_ENABLED = False TRMM_DISABLE_WEB_TERMINAL = ${TRMM_DISABLE_WEB_TERMINAL} TRMM_DISABLE_SERVER_SCRIPTS = ${TRMM_DISABLE_SERVER_SCRIPTS} +TRMM_DISABLE_SSO = ${TRMM_DISABLE_SSO} EOF )" diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml index 1ebefee565..f71cfab7ac 100644 --- a/docker/docker-compose.yml +++ b/docker/docker-compose.yml @@ -64,6 +64,7 @@ services: TRMM_PASS: ${TRMM_PASS} TRMM_DISABLE_WEB_TERMINAL: ${TRMM_DISABLE_WEB_TERMINAL} TRMM_DISABLE_SERVER_SCRIPTS: ${TRMM_DISABLE_SERVER_SCRIPTS} + TRMM_DISABLE_SSO: ${TRMM_DISABLE_SSO} depends_on: - tactical-postgres - tactical-meshcentral