feat(auth): Use bind mount for providers.toml config file

Changed the way the `auth` service source its providers file to use a
bindmount and use a default path if no `PROVIDER_FILE` env is set

src/auth/config/.gitignore

@@ -0,0 +1 @@
+providers.toml

src/auth/config/providers.schema.json

@@ -0,0 +1 @@
+{"type":"object","required":["providers"],"properties":{"providers":{"type":"object","patternProperties":{"^.*$":{"anyOf":[{"type":"object","required":["token_url","auth_url","info_url","client_id","client_secret","scopes","redirect_url","user","display_name"],"properties":{"token_url":{"type":"string"},"auth_url":{"type":"string"},"info_url":{"type":"string"},"client_id":{"type":"string"},"client_secret":{"anyOf":[{"type":"object","required":["env"],"properties":{"env":{"type":"string","description":"Secret is stored in the env var"}}},{"type":"object","required":["inline"],"properties":{"inline":{"type":"string","description":"Secret is inline here"}}}]},"scopes":{"type":"array","items":{"type":"string"}},"redirect_url":{"type":"string"},"user":{"type":"object","required":["unique_id","name"],"properties":{"unique_id":{"type":"string","description":"A unique identifier for this provider","default":"email"},"name":{"type":"string","description":"A name for this provider","default":"name"}},"default":{"unique_id":"email","name":"name"}},"display_name":{"type":"string"},"color":{"type":"object","properties":{"default":{"type":"string"},"hover":{"type":"string"}}}}},{"type":"object","required":["openid_url","client_id","client_secret","scopes","redirect_url","user","display_name"],"properties":{"openid_url":{"type":"string"},"client_id":{"type":"string"},"client_secret":{"anyOf":[{"type":"object","required":["env"],"properties":{"env":{"type":"string","description":"Secret is stored in the env var"}}},{"type":"object","required":["inline"],"properties":{"inline":{"type":"string","description":"Secret is inline here"}}}]},"scopes":{"type":"array","items":{"type":"string"}},"redirect_url":{"type":"string"},"user":{"type":"object","required":["unique_id","name"],"properties":{"unique_id":{"type":"string","description":"A unique identifier for this provider","default":"email"},"name":{"type":"string","description":"A name for this provider","default":"name"}},"default":{"unique_id":"email","name":"name"}},"display_name":{"type":"string"},"color":{"type":"object","properties":{"default":{"type":"string"},"hover":{"type":"string"}}}}}]}}},"$schema":{"type":"string"}}}

src/auth/config/providers.toml.template

@@ -0,0 +1,23 @@
+"$schema" = "https://maix.me/providers.schema.json"
+
+[providers.provider-openid]
+openid_url = "https://example.com/openid-url-without-.wellknown"
+client_id = "CLIENT_ID"
+client_secret.inline = "INLINED SECRET INSIDE CONFIG FILE"
+scopes = ["any needed scope here", "openid", "email"]
+# this url is to point to the local thingy - ask maieul
+redirect_url = "https://local.maix.me:8888/api/auth/oauth2/provider-openid/callback"
+# from the `info_url` request, which json key we will take an unique provider id (default:email) and an name for the user (default:name)
+user = { unique_id = "email", name = "name" }
+display_name = "OpenID 1"
+
+[providers.discord]
+auth_url = "https://discord.com/oauth2/authorize"
+token_url = "https://discord.com/api/oauth2/token"
+info_url = "https://discord.com/api/v10/users/@me"
+client_secret.env = "PROVIDER_SECRET_DISCORD" # here the secret is provided in the env var with that name
+client_id = "CLIENT_ID"
+redirect_url = "https://local.maix.me:8888/api/auth/oauth2/discord/callback"
+scopes = ["identify"] # here no email asked :)
+user = { unique_id = "id", name = "username" } # for example discord provides some stuff, like unique_id and username, such that we dont have to ask additional permission to get the email
+display_name = "Discord"