mirror of
https://github.com/gensokyo-zone/infrastructure.git
synced 2026-02-09 12:29:19 -08:00
feat(tei): update to kanidm-develop
OAuth 2.0 localhost redirects aren't part of a kanidm release yet.
This commit is contained in:
arcnmx
parent
c1faa39712
commit
2039c1a9dd
5 changed files with 23 additions and 3 deletions
|
|
@ -22,6 +22,7 @@ in {
|
||||||
gh-actions.env.CACHIX_SIGNING_KEY = "\${{ secrets.CACHIX_SIGNING_KEY }}";
|
gh-actions.env.CACHIX_SIGNING_KEY = "\${{ secrets.CACHIX_SIGNING_KEY }}";
|
||||||
|
|
||||||
nix.config = {
|
nix.config = {
|
||||||
|
accept-flake-config = true;
|
||||||
extra-platforms = ["aarch64-linux" "armv6l-linux" "armv7l-linux"];
|
extra-platforms = ["aarch64-linux" "armv6l-linux" "armv7l-linux"];
|
||||||
#extra-sandbox-paths = with channels.cipkgs; map (package: builtins.unsafeDiscardStringContext "${package}?") [bash qemu "/run/binfmt"];
|
#extra-sandbox-paths = with channels.cipkgs; map (package: builtins.unsafeDiscardStringContext "${package}?") [bash qemu "/run/binfmt"];
|
||||||
};
|
};
|
||||||
|
|
|
||||||
|
|
@ -20,6 +20,7 @@ with lib; {
|
||||||
channels.nixfiles.path = ../.;
|
channels.nixfiles.path = ../.;
|
||||||
|
|
||||||
nix.config = {
|
nix.config = {
|
||||||
|
accept-flake-config = true;
|
||||||
extra-platforms = ["aarch64-linux" "armv6l-linux" "armv7l-linux"];
|
extra-platforms = ["aarch64-linux" "armv6l-linux" "armv7l-linux"];
|
||||||
#extra-sandbox-paths = with channels.cipkgs; map (package: builtins.unsafeDiscardStringContext "${package}?") [bash qemu "/run/binfmt"];
|
#extra-sandbox-paths = with channels.cipkgs; map (package: builtins.unsafeDiscardStringContext "${package}?") [bash qemu "/run/binfmt"];
|
||||||
};
|
};
|
||||||
|
|
|
||||||
6
flake.lock
generated
6
flake.lock
generated
|
|
@ -3,11 +3,11 @@
|
||||||
"arcexprs": {
|
"arcexprs": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1705947565,
|
"lastModified": 1706196577,
|
||||||
"narHash": "sha256-L82r4wYC86SygCpUa7WNqyZGs0EtntsIhQoFTw7MmJs=",
|
"narHash": "sha256-lFG8gaadISrBFAYRcdEeWMoZuZD1QWFLeP0fHCHQPIE=",
|
||||||
"owner": "arcnmx",
|
"owner": "arcnmx",
|
||||||
"repo": "nixexprs",
|
"repo": "nixexprs",
|
||||||
"rev": "e720dd2e934b4a36ba65087a469a56e2958b9093",
|
"rev": "d7ed162f0b61e1657955446d239e4eddba116f61",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
|
||||||
10
flake.nix
10
flake.nix
|
|
@ -27,6 +27,16 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
nixConfig = {
|
||||||
|
extra-substituters = [
|
||||||
|
"https://arc.cachix.org"
|
||||||
|
"https://kittywitch.cachix.org"
|
||||||
|
];
|
||||||
|
extra-trusted-public-keys = [
|
||||||
|
"arc.cachix.org-1:DZmhclLkB6UO0rc0rBzNpwFbbaeLfyn+fYccuAy7YVY="
|
||||||
|
"kittywitch.cachix.org-1:KIzX/G5cuPw5WgrXad6UnrRZ8UDr7jhXzRTK/lmqyK0="
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
outputs = {
|
outputs = {
|
||||||
self,
|
self,
|
||||||
|
|
|
||||||
|
|
@ -2,6 +2,7 @@
|
||||||
config,
|
config,
|
||||||
lib,
|
lib,
|
||||||
meta,
|
meta,
|
||||||
|
pkgs,
|
||||||
...
|
...
|
||||||
}: let
|
}: let
|
||||||
inherit (lib.modules) mkIf mkMerge;
|
inherit (lib.modules) mkIf mkMerge;
|
||||||
|
|
@ -29,6 +30,13 @@ in {
|
||||||
|
|
||||||
sops.defaultSopsFile = ./secrets.yaml;
|
sops.defaultSopsFile = ./secrets.yaml;
|
||||||
|
|
||||||
|
services.kanidm = {
|
||||||
|
package = lib.warnIf
|
||||||
|
(pkgs.kanidm.version != "1.1.0-rc.15")
|
||||||
|
"upstream kanidm may have localhost oauth2 support now!"
|
||||||
|
pkgs.kanidm-develop;
|
||||||
|
};
|
||||||
|
|
||||||
networking.firewall = {
|
networking.firewall = {
|
||||||
interfaces.local.allowedTCPPorts = mkMerge [
|
interfaces.local.allowedTCPPorts = mkMerge [
|
||||||
(mkIf kanidm.enableServer [
|
(mkIf kanidm.enableServer [
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue