Add identity for `icon`
diff --git a/TODO.on.site b/TODO.on.site
index 6113ec5..e252513 100644
--- a/TODO.on.site
+++ b/TODO.on.site
@@ -8,3 +8,4 @@
Adapt checked in files:
* Set server_name in `nginx/sa.conf`
* Set SIMPLEID_BASE_URL in `simpleid/www/config.php`
+* Make sure identities point to the right URL
diff --git a/simpleid/identities/icon.identity b/simpleid/identities/icon.identity
new file mode 100644
index 0000000..f6ad52d
--- /dev/null
+++ b/simpleid/identities/icon.identity
@@ -0,0 +1,233 @@
+; :mode=ini:
+; $Id$
+;
+;
+; SimpleID identity file.
+;
+; This file contains all the data associated with an identity. It should
+; always be named username.identity, where username is the user name to be used
+; when logging into SimpleID.
+;
+; In this file, if a value contains non-numeric characters, you will need to
+; surround it with quotation characters.
+;
+
+;
+; The OpenID Identifier associated with this identity. This is typically a
+; URL, although the OpenID specifications allow the use of URIs and even XRIs.
+;
+; Relying parties must be able to resolve the identity to obtain the address
+; of this SimpleID installation.
+;
+; WARNING: If you change the OpenID Identifier after you have used it in
+; SimpleID, you will need to delete all files named 'identity-*.cache' in the
+; cache directory.
+;
+; Examples:
+; http://example.com/
+; http://example.com:8888/
+; http://example.com/myopenid
+; https://example.com:8080/myopenid
+;
+identity="https://id.miau.local/icon"
+
+;
+; The password associated with this identity.
+;
+; The password is encoded as follows:
+;
+; pass="hash:algorithm:other_params"
+;
+; There are three components to the password string. Only the first component
+; (the hash) is required, the other two are optional.
+;
+; 1. The hash of the password. For backwards compatibility reasons, the
+; default algorithm for hashing the password is MD5.
+;
+; However, you are strongly encouraged to use a much stronger password
+; hashing algorithm, such as PBKDF2 with a HMAC-SHA256 function and at least
+; 100,000 iterations.
+;
+; 2. The algorithm used to hash the password. If this is omitted, 'md5' is assumed.
+;
+; Allowed algorithms are:
+;
+; - md5
+; - sha1
+; - if the hash module is enabled, pbkdf2 and any algorithms available from that
+; module
+;
+; 3. Other parameters.
+;
+; For md5 and sha1, this is an optional salt used to hash the password. If
+; used, the password is appended by a colon character (:) then the salt before
+; a hash is calculated, that is:
+;
+; hash(password:salt)
+;
+; For pbkdf2, it is the underlying pseudorandom function, the number of
+; iterations and the salt, separated by colons.
+;
+; Examples (these contain the same password):
+; 1a79a4d60de6718e8e5b326e338ae533 ; MD5 hash and no salt
+; c3499c2729730a7f807efb8676a92dcb6f8a3f8f:sha1 ; SHA1 hash and no salt
+; f5e6ea5714945786623ad3932ccc757d::ideally-a-large-number-of-random-characters-to-use-as-salt ; MD5 hash with salt
+; 9bce4e6997c6f2590717686bd62f99e33d5c6e1c:sha1:ideally-a-large-number-of-random-characters-to-use-as-salt ; SHA1 hash with salt
+; c6e1aa5914c6e4e55fae69093afbc02e180810dcc7d3da9f863aa54f3d76e2c3:pbkdf2:sha256:100000:ideally-a-large-number-of-random-characters-to-use-as-salt ; PBKDF2
+;
+pass="9885d0ea104f04cb8a9299b8cf597baff16673dfa6fcee7fce9d98bb6868956d:pbkdf2:sha256:100000:uiaecubklb"
+
+;
+; Whether this user is given administrative privileges in SimpleID.
+;
+; This setting has no effect in the current version of SimpleID. However,
+; more functionality may be added to SimpleID in future versions which will
+; be restricted to SimpleID administrators.
+;
+; You should grant administrative privileges to at least one user.
+;
+; If you wish this user to be given administrative privileges, uncomment the
+; line below.
+;
+;administrator=1
+
+;
+; Advanced users only: SSL client certificates associated with this identity.
+;
+; You can associate SSL client certificates to this identity, so that you can
+; log in using certificates instead of supplying a user name or password.
+;
+; The SSL certicate is identified using two parameters:
+;
+; - the certificate's serial number
+; - the distinguished name of the certificate's issuer
+;
+; You can find out these two values using OpenSSL by running the following
+; commands (replacing the file name of the certificate as required):
+;
+; openssl x509 -noout -serial -in certificate.crt
+; openssl x509 -noout -issuer -in certificate.crt
+;
+; These two values are then joined together using a semicolon.
+;
+; This option is for advanced users only. Please see the documentation at
+; http://simpleid.org/docs/1/certauth/
+; for details on how to set this up.
+;
+; Note, you must also enable the certauth extension in SimpleID. To
+; do this, make sure the SIMPLEID_EXTENSIONS option in config.php contains
+; certauth
+
+; Example:
+;
+;[certauth]
+;cert[]="02A97C;/C=XX/O=Example CA/OU=Example CA Certificate Signing/CN=Example Client CA"
+
+
+;
+; OpenID Connect user information.
+;
+; If you want to provide personal data to OpenID Connect clients, uncomment the
+; section below and fill in your details.
+;
+; Note that you will need to supply your data in this section again even if you
+; have uncommented and filled in the Simple Registration Extension and/or
+; Attribute Exchange Extension information in the sections below. SimpleID
+; does not pick these up automatically.
+;
+; WARNING: The address fields below are only supported by PHP 5.3 or later.
+; Earlier versions of PHP are not able to read identity files with
+; associative arrays
+;
+;[user_info]
+;name="Example"
+;given_name="Example"
+;family_name="Example"
+;middle_name="Example"
+;nickname="Example"
+;profile="http://example.com/profile/example"
+;picture="http://example.com/profile/example.jpg"
+;website="http://example.com/blog/example"
+;email="example@example.com"
+;gender="male"
+;birthday="12/31/2000"
+;zoneinfo="Australia/Sydney"
+;locale="en-AU"
+;phone_number="+61400000000"
+;address["formatted"]="1 George Street, Sydney NSW 2000, Australia"
+;address["street_address"]="1 George Street"
+;address["locality"]="Sydney"
+;address["region"]="NSW"
+;address["postal_code"]="2000"
+;address["country"]="Australia"
+
+
+;
+; Simple Registration Extension data.
+;
+; If you want to provide registration data to relying parties which support the
+; Simple Registration Extension, uncomment the section below and fill
+; in your details.
+;
+; Further information on the Simple Registration Extension can be found at
+; http://simpleid.org/docs/1/extensions-bundled/#sreg
+;
+; Note, you must also enable the Simple Registration Extension in SimpleID. To
+; do this, make sure the SIMPLEID_EXTENSIONS option in config.php contains
+; sreg
+;
+[sreg]
+nickname="icon"
+email="nico.h@gmx.de"
+fullname="Nico Huber"
+;dob="2000-00-00"
+;gender="M"
+;postcode="1234"
+country="de"
+;language="au"
+timezone="Europe/Berlin"
+
+
+;
+; Attribute Exchange Extension data.
+;
+; If you want to provide personal identity information data to relying parties
+; which support the Attribute Exchange Extension, uncomment the section below
+; and fill in your details.
+;
+; The format of this section is attribute type URI=attribute value. Examples
+; are given below.
+;
+; For a full list of attributes, see http://openid.net/specs/openid-attribute-properties-list-1_0-01.html
+;
+; Note if you have already uncommented and filled out the OpenID Connect user
+; information and/or Simple Registration Extension data above, you do not need
+; to fill out the corresponding attributes again in the section below. SimpleID
+; will pick these up automatically, including:
+;
+; http://axschema.org/namePerson/friendly
+; http://axschema.org/contact/email
+; http://axschema.org/namePerson
+; http://axschema.org/birthDate
+; http://axschema.org/person/gender
+; http://axschema.org/contact/postalCode/home
+; http://axschema.org/contact/country/home
+; http://axschema.org/pref/language
+; http://axschema.org/pref/timezone
+; http://openid.net/schema/namePerson/friendly
+; http://openid.net/schema/contact/internet/email
+; http://openid.net/schema/gender
+; http://openid.net/schema/contact/postalCode/home
+; http://openid.net/schema/contact/country/home
+; http://openid.net/schema/language/pref
+; http://openid.net/schema/timezone
+;
+; Note, you must also enable the Attribute Exchange Extension in SimpleID. To
+; do this, make sure the SIMPLEID_EXTENSIONS option in config.php contains
+; ax
+;
+;[ax]
+;http://openid.net/schema/company/name="Example Company Limited"
+;http://openid.net/schema/company/title="Managing Director"
+;http://openid.net/schema/contact/web/blog="http://simpleid.org/"
+
diff --git a/simpleid/www/icon b/simpleid/www/icon
new file mode 100644
index 0000000..0754a48
--- /dev/null
+++ b/simpleid/www/icon
@@ -0,0 +1,8 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html>
+ <head>
+ <link rel="openid.server" href="https://id.miau.local/" />
+ <link rel="openid2.provider" href="https://id.miau.local/" />
+ </head>
+</html>