b12f/os
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
os/hosts/nougat-2/keycloak.nix

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

49 lines
1.1 KiB
Nix
Raw Normal View History

nougat-2 concourse setup
2023-07-02 10:48:34 +00:00
{
config,
lib,
inputs,
pkgs,
self,
...
}: let
pubsolarDomain = import ./pubsolar-domain.nix;
in {
age.secrets.keycloak-database-password = {
file = "${self}/secrets/keycloak-database-password.age";
mode = "700";
#owner = "keycloak";
};
containers.keycloak = {
autoStart = true;
privateNetwork = true;
hostAddress = "192.168.101.0";
localAddress = "192.168.103.0";
hostAddress6 = "fc00::1";
localAddress6 = "fc00::3";
bindMounts = {
"/var/lib/postgresql/14" = {
hostPath = "/data/keycloak/db";
isReadOnly = false;
};
};
config = {
services.keycloak = {
enable = true;
database.passwordFile = config.age.secrets.keycloak-database-password.path;
settings = {
hostname = "auth.${pubsolarDomain}";
http-host = "0.0.0.0";
http-port = 8080;
proxy = "edge";
};
themes = {
"pub.solar" = inputs.keycloak-theme-pub-solar.legacyPackages.${pkgs.system}.keycloak-theme-pub-solar;
};
};
};
};
}
Reference in a new issue Copy permalink