only generate oidc secret for oidc

start.sh

@@ -22,12 +22,6 @@ if ! [ -f /app/data/.installed ]; then
     echo "==> Done."
 fi
 
-echo "==> Get OAUTH Crypto Passphrase"
-if [[ ! -f /app/data/.oauth_crypto_passphrase ]]; then
-    openssl rand -base64 42 > /app/data/.oauth_crypto_passphrase
-fi
-export OIDC_CRYPTO_PASSPHRASE=$(</app/data/.oauth_crypto_passphrase)
-
 if [[ ! -f /app/data/php.ini ]]; then
     echo -e "; Add custom PHP configuration in this file\n; Settings here are merged with the package's built-in php.ini\n\n" > /app/data/php.ini
 fi
@@ -45,18 +39,20 @@ for f in $(ls /app/code/extensions-orig); do
 done
 
 echo "==> Updating config file"
-php cli/reconfigure.php --default_user admin --base_url "https://${CLOUDRON_APP_DOMAIN}" \
+if [[ -z "${CLOUDRON_OIDC_ISSUER:-}" ]]; then
+    extra_args="--default_user admin"
+    [[ ! -f /app/data/.oauth_crypto_passphrase ]] && openssl rand -base64 42 > /app/data/.oauth_crypto_passphrase
+    export OIDC_CRYPTO_PASSPHRASE=$(</app/data/.oauth_crypto_passphrase) # used in apache config
+else
+    extra_args="--auth_type http_auth"
+fi
+
+php cli/reconfigure.php ${extra_args} --base_url "https://${CLOUDRON_APP_DOMAIN}" \
     --db-type mysql --db-host "${CLOUDRON_MYSQL_HOST}" \
     --db-user "${CLOUDRON_MYSQL_USERNAME}" --db-password "${CLOUDRON_MYSQL_PASSWORD}" \
     --db-base "${CLOUDRON_MYSQL_DATABASE}" --db-prefix "" \
     --disable_update
 
-if [[ -z "${CLOUDRON_OIDC_ISSUER:-}" ]]; then
-    php cli/reconfigure.php --default_user admin
-else
-    php cli/reconfigure.php --auth_type "http_auth"
-fi
-
 echo "==> Setting permissions"
 chown -R www-data.www-data /run/php /app/data /tmp/log_api.txt