% Création d'un client ID Wallabag

# Introduction

Pour connecter Frigoligo ou l'extension Firefox, il faut un `Client ID` et un `Secret ID`.


# Procédure

![](images/wallabag-1.png)

Sur la page suivante, apparaissent les éléments à copier:

Voici les paramètres de votre client.
Nom du client 	laurent
ID client 	
Clé secrète 	

# Conf NGINX

Il faut désactiver les redirections mauvaises données par yunohost pour autoriser l'utilisation de clients iOS (ReadKit)

## Reverse proxy

```
server {
    server_name wallabag.aezi.fr;

    # HTTP configuration

    # HTTP to HTTPS
    if ($scheme != "https") {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    # HTTPS configuration
    #listen [::]:443 ssl ipv6only=on; # managed by Certbot
    #listen 443 ssl; # managed by Certbot
    #ssl_certificate /etc/letsencrypt/live/nu.aezi.fr/fullchain.pem; # managed by Certbot
    #ssl_certificate_key /etc/letsencrypt/live/nu.aezi.fr/privkey.pem; # managed by Certbot
    #include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    #ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

    #location /yunohost/sso {
    #    rewrite ^ $scheme://nu.aezi.fr/$request_uri ;
    #}

    listen 443 ssl; # managed by Certbot
    listen [::]:443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/nu.aezi.fr/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/nu.aezi.fr/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

    # IMPORTANT : headers proxy standards
    proxy_set_header  Host              $host;
    proxy_set_header  X-Real-IP         $remote_addr;
    proxy_set_header  X-Forwarded-For   $proxy_add_x_forwarded_for;
    proxy_set_header  X-Forwarded-Proto $scheme;
    proxy_pass_header Set-Cookie;
    proxy_pass_header Cookie;
    proxy_read_timeout                  900;

    # OAuth endpoint (ReadKit, applis mobiles)
    location ^~ /oauth/ {
        proxy_pass https://10.1.0.14:443;
    }

    # API endpoint (clients wallabag)
    location ^~ /api/ {
        proxy_pass https://10.1.0.14:443;
    }


    location / {
        proxy_pass  https://10.1.0.14:443;
        proxy_redirect                      off;
        #proxy_set_header  Host              $http_host;
    }

    #location ^~ /yunohost/ {
	#rewrite ^ $scheme://nu.aezi.fr/$request_uri permanent;
        #proxy_pass  https://10.1.0.14:443;
        #proxy_redirect                      off;
        #proxy_set_header  Host              $http_host;
        #proxy_set_header  X-Real-IP         $remote_addr;
        #proxy_set_header  X-Forwarded-For   $proxy_add_x_forwarded_for;
        #proxy_set_header  X-Forwarded-Proto $scheme;
        #proxy_read_timeout                  900;
    #}


}
server {
    if ($host = wallabag.aezi.fr) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    server_name wallabag.aezi.fr;
    listen 80;
    listen [::]:80;
    return 404; # managed by Certbot


}


```




## Yunohost

Dans `/etc/nginx/conf.d/wallabag.aezi.fr.conf`, désactiver ces lignes:


```conf
    #access_by_lua_file /usr/share/ssowat/access.lua;  # Bloque ReadKit sur iOS
    #include /etc/nginx/conf.d/yunohost_sso.conf.inc; # Bloque ReadKit sur iOS
```