gensokyo-zone/infrastructure
1
0
Fork 0
mirror of https://github.com/gensokyo-zone/infrastructure.git synced 2026-02-09 12:29:19 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix(network): uqdn

Browse source
This commit is contained in:
Kat Inskip 2022-09-26 08:52:51 -07:00
parent d1dc6a0e72
commit 58992ff283
Signed by: kat
GPG key ID: 465E64DECEA8CF0F
6 changed files with 53 additions and 36 deletions
Download patch file Download diff file Expand all files Collapse all files

6
services/keycloak.nix
View file

@ -1,7 +1,7 @@
{ config, pkgs, lib, tf, ... }: with lib; let
id = tf.acme.certs."auth.kittywit.ch".out.resource.getAttr "id";
in {
services.keycloak = {
services.keycloak = lib.mkIf (tf.state.enable) {
enable = builtins.getEnv "CI_PLATFORM" == "impure";
package = (pkgs.keycloak.override {
jre = pkgs.openjdk11;
@ -33,12 +33,12 @@ in {
members = [ "keycloak" "openldap" ];
};
systemd.services.keycloak.script = lib.mkBefore ''
systemd.services.keycloak.script = lib.mkIf (tf.state.enable) (lib.mkBefore ''
mkdir -p /run/keycloak
if [[ ! -e /run/keycloak/${id}.jks ]]; then
${pkgs.adoptopenjdk-jre-bin}/bin/keytool -import -alias auth.kittywit.ch -noprompt -keystore /run/keycloak/${id}.jks -keypass ${id} -storepass ${id} -file ${config.domains.kittywitch-keycloak.cert_path}
fi
'';
'');
users.groups.keycloak = { };

1
services/vaultwarden.nix
View file

@ -71,5 +71,6 @@
network = "internet";
type = "cname";
domain = "vault";
zone = "kittywit.ch.";
};
}