Tabbed and improved user docs

docs/content/config/advanced/auth-oauth2.md

@@ -17,51 +17,62 @@ The present OAuth2 support provides the capability for 3rd-party applications su
 
 ## Example (Authentik & Roundcube)
 
-???+ example "Authentik"
+This example assumes you have:
-    1. Create a new OAuth2 provider
-    2. Note the client id and client secret
-    3. Set the allowed redirect url to the equivalent of `https://roundcube.example.com/index.php/login/oauth` for your RoundCube instance.
 
-???+ example "Docker Mailserver `mailserver.env`"
+- A working DMS server set up
-    ```env
+- An Authentik server set up ([documentation](https://goauthentik.io/docs/installation/))
-    # -----------------------------------------------
+- A Roundcube server set up (either [docker](https://hub.docker.com/r/roundcube/roundcubemail/) or [bare metal](https://github.com/roundcube/roundcubemail/wiki/Installation))
-    # --- OAUTH2 Section ----------------------------
-    # -----------------------------------------------
 
-    # empty => OAUTH2 authentication is disabled
+!!! example "Setup Instructions"
-    # 1 => OAUTH2 authentication is enabled
-    ENABLE_OAUTH2=1
 
-    # empty => verySecretId
+    === "1. Authentik"
-    # Specify the OAuth2 client ID
+        1. Create a new OAuth2 provider
-    OAUTH2_CLIENT_ID=<insert client id here>
+        2. Note the client id and client secret
+        3. Set the allowed redirect url to the equivalent of `https://roundcube.example.com/index.php/login/oauth` for your RoundCube instance.
 
-    # empty => verySecretSecret
+    === "2. Docker Mailserver"
-    # Specify the OAuth2 client secret
+        Edit the following values in `mailserver.env`:
-    OAUTH2_CLIENT_SECRET=<insert client secret here>
+        ```env
+        # -----------------------------------------------
+        # --- OAUTH2 Section ----------------------------
+        # -----------------------------------------------
 
-    # empty => https://oauth2.example.com/userinfo/
+        # empty => OAUTH2 authentication is disabled
-    # Specify the user info endpoint URL of the oauth2 provider
+        # 1 => OAUTH2 authentication is enabled
-    OAUTH2_INTROSPECTION_URL=https://authentik.example.com/application/o/userinfo/
+        ENABLE_OAUTH2=1
-    ```
 
-???+ example "Roundcube `oauth2.inc.php` ([documentation](https://github.com/roundcube/roundcubemail/wiki/Configuration))"
+        # empty => verySecretId
-    ```php
+        # Specify the OAuth2 client ID
-    $config['oauth_provider'] = 'generic';
+        OAUTH2_CLIENT_ID=<insert client id here>
-    $config['oauth_provider_name'] = 'Authentik';
-    $config['oauth_client_id'] = '<insert client id here>';
-    $config['oauth_client_secret'] = '<insert client secret here>';
-    $config['oauth_auth_uri'] = 'https://authentik.example.com/application/o/authorize/';
-    $config['oauth_token_uri'] = 'https://authentik.example.com/application/o/token/';
-    $config['oauth_identity_uri'] = 'https://authentik.example.com/application/o/userinfo/';
 
-    // Optional: disable SSL certificate check on HTTP requests to OAuth server. For possible values, see:
+        # empty => verySecretSecret
-    // http://docs.guzzlephp.org/en/stable/request-options.html#verify
+        # Specify the OAuth2 client secret
-    $config['oauth_verify_peer'] = false;
+        OAUTH2_CLIENT_SECRET=<insert client secret here>
 
-    $config['oauth_scope'] = 'email openid profile';
+        # empty => https://oauth2.example.com/userinfo/
-    $config['oauth_identity_fields'] = ['email'];
+        # Specify the user info endpoint URL of the oauth2 provider
+        OAUTH2_INTROSPECTION_URL=https://authentik.example.com/application/o/userinfo/
+        ```
 
-    // Boolean: automatically redirect to OAuth login when opening Roundcube without a valid session
+    === "3. Roundcube"
-    $config['oauth_login_redirect'] = false;
+        Add the following to `oauth2.inc.php` ([documentation](https://github.com/roundcube/roundcubemail/wiki/Configuration)):
-    ```
+
+        ```php
+        $config['oauth_provider'] = 'generic';
+        $config['oauth_provider_name'] = 'Authentik';
+        $config['oauth_client_id'] = '<insert client id here>';
+        $config['oauth_client_secret'] = '<insert client secret here>';
+        $config['oauth_auth_uri'] = 'https://authentik.example.com/application/o/authorize/';
+        $config['oauth_token_uri'] = 'https://authentik.example.com/application/o/token/';
+        $config['oauth_identity_uri'] = 'https://authentik.example.com/application/o/userinfo/';
+
+        // Optional: disable SSL certificate check on HTTP requests to OAuth server. For possible values, see:
+        // http://docs.guzzlephp.org/en/stable/request-options.html#verify
+        $config['oauth_verify_peer'] = false;
+
+        $config['oauth_scope'] = 'email openid profile';
+        $config['oauth_identity_fields'] = ['email'];
+
+        // Boolean: automatically redirect to OAuth login when opening Roundcube without a valid session
+        $config['oauth_login_redirect'] = false;
+        ```