From 7756c040db4a4803ee53e349bcb51c3d8ac2aa22 Mon Sep 17 00:00:00 2001
From: kat <kat@inskip.me>
Date: Fri, 23 Sep 2022 18:14:41 -0700
Subject: [PATCH] fix(services/keycloak): group

---
 services/keycloak.nix | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/services/keycloak.nix b/services/keycloak.nix
index ddb755d4..14775d41 100644
--- a/services/keycloak.nix
+++ b/services/keycloak.nix
@@ -18,7 +18,7 @@ in {
       hostname-strict = false;
       http-relative-path = "/auth";
       hostname-strict-backchannel = true;
-      https-key-store-file = "/var/lib/acme/domain-auth/trust-store.jks";
+      https-key-store-file = "/var/lib/acme/auth.kittywit.ch/trust-store.jks";
       https-key-store-password = keystore-pass;
       };
     };
@@ -28,7 +28,7 @@ in {
     gid = 10600;
     members = [ "keycloak" ];
   };
-
+/*
   security.acme.certs."auth.kittywit.ch" = {
     group = "domain-auth";
     postRun = ''
@@ -36,7 +36,7 @@ in {
       ${pkgs.adoptopenjdk-jre-bin}/bin/keytool -import -alias auth.kittywit.ch -noprompt -keystore trust-store.jks -keypass ${keystore-pass} -storepass ${keystore-pass} -file cert.pem
       chown acme:domain-auth ./trust-store.jks
     '';
-  };
+  };*/
 
   users.groups.keycloak = { };
   users.users.keycloak = {
@@ -56,7 +56,6 @@ in {
   };
 
   services.nginx.virtualHosts."auth.kittywit.ch" = {
-    useACMEHost = "domain-auth";
     forceSSL = true;
     locations = {
       "/".extraConfig = ''