gensokyo-zone/infrastructure
1
0
Fork 0
mirror of https://github.com/gensokyo-zone/infrastructure.git synced 2026-02-09 04:19:19 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat(vouch): switch to keycloak

Browse source
This commit is contained in:
arcnmx 2024-03-18 15:34:25 -07:00
parent 88477df521
commit b9cb9dc54d
5 changed files with 38 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

9
systems/hakurei/nixos.nix
View file

@ -6,6 +6,7 @@
...
}: let
inherit (lib.modules) mkIf mkMerge;
keycloak = access.nixosFor "keycloak";
mediabox = access.nixosFor "mediabox";
tei = access.nixosFor "tei";
inherit (mediabox.services) plex;
@ -158,6 +159,9 @@ in {
])
];
};
"sso.${config.networking.domain}" = {
inherit (nginx) group;
};
};
services.nginx = let
@ -196,6 +200,11 @@ in {
url = "http://${mediabox.lib.access.hostnameForNetwork.local}:${toString mediabox.services.invidious.port}";
};
virtualHosts = {
"sso.${config.networking.domain}" = {
useACMEHost = "sso.${config.networking.domain}";
locations."/".proxyPass = "http://${keycloak.lib.access.hostnameForNetwork.local}:80";
forceSSL = true;
};
${access.kanidm.domain} = {
useACMEHost = access.kanidm.domain;
};