001_momo_koeln: Add keycloak

This commit is contained in:
Akshay Mankar 2023-03-31 15:20:56 +02:00
parent 366d3b1278
commit 6e6e5857fd
Signed by untrusted user: axeman
GPG key ID: CA08F3AB62369B89
2 changed files with 27 additions and 0 deletions

View file

@ -5,6 +5,8 @@
[ [
# Include the results of the hardware scan. # Include the results of the hardware scan.
./hardware-configuration.nix ./hardware-configuration.nix
./keycloak.nix
]; ];
pub-solar.core.lite = true; pub-solar.core.lite = true;

View file

@ -0,0 +1,25 @@
{
config,
lib,
inputs,
pkgs,
self,
...
}: {
age.secrets.keycloak-database-password = {
file = "${self}/secrets/keycloak-database-password.age";
mode = "700";
};
# keycloak
services.keycloak = {
enable = true;
database.passwordFile = config.age.secrets.keycloak-database-password.path;
settings = {
hostname = "auth.momo.koeln";
http-host = "127.0.0.1";
http-port = 8080;
proxy = "edge";
};
};
}