forked from pub-solar/os
001_momo_koeln: Add keycloak
This commit is contained in:
parent
366d3b1278
commit
6e6e5857fd
|
@ -5,6 +5,8 @@
|
||||||
[
|
[
|
||||||
# Include the results of the hardware scan.
|
# Include the results of the hardware scan.
|
||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
|
|
||||||
|
./keycloak.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
pub-solar.core.lite = true;
|
pub-solar.core.lite = true;
|
||||||
|
|
25
hosts/host_001_momo_koeln/keycloak.nix
Normal file
25
hosts/host_001_momo_koeln/keycloak.nix
Normal file
|
@ -0,0 +1,25 @@
|
||||||
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
inputs,
|
||||||
|
pkgs,
|
||||||
|
self,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
|
age.secrets.keycloak-database-password = {
|
||||||
|
file = "${self}/secrets/keycloak-database-password.age";
|
||||||
|
mode = "700";
|
||||||
|
};
|
||||||
|
|
||||||
|
# keycloak
|
||||||
|
services.keycloak = {
|
||||||
|
enable = true;
|
||||||
|
database.passwordFile = config.age.secrets.keycloak-database-password.path;
|
||||||
|
settings = {
|
||||||
|
hostname = "auth.momo.koeln";
|
||||||
|
http-host = "127.0.0.1";
|
||||||
|
http-port = 8080;
|
||||||
|
proxy = "edge";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
Loading…
Reference in a new issue