From 0fe81d7431bba843679ace05719804505b5b79b6 Mon Sep 17 00:00:00 2001
From: Kat Inskip <kat@inskip.me>
Date: Wed, 13 Mar 2024 22:01:18 -0700
Subject: [PATCH] fix(keycloak): domain

---
 nixos/keycloak.nix       | 1 +
 tf/cloudflare_records.tf | 1 +
 2 files changed, 2 insertions(+)

diff --git a/nixos/keycloak.nix b/nixos/keycloak.nix
index 08211dfc..66ad494a 100644
--- a/nixos/keycloak.nix
+++ b/nixos/keycloak.nix
@@ -14,6 +14,7 @@ users.users.keycloak = {
     group = "keycloak";
 };
 
+networking.firewall.allowedTCPPorts = [ 80 ];
 users.groups.keycloak = {};
 systemd.services.keycloak.serviceConfig.DynamicUser = mkForce false;
 
diff --git a/tf/cloudflare_records.tf b/tf/cloudflare_records.tf
index 40138d0f..7cad4def 100644
--- a/tf/cloudflare_records.tf
+++ b/tf/cloudflare_records.tf
@@ -33,6 +33,7 @@ module "hakurei_system_records" {
     "freeipa",
     "ldap",
     "pbx",
+    "sso",
     "smb",
     "kitchen",
     "yt",