TheWanderingCrow/CrOS
1
0
Fork 0
mirror of https://github.com/TheWanderingCrow/CrOS.git synced 2026-02-25 13:42:33 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

add authentik

Browse source
This commit is contained in:
TheWanderingCrow 2025-11-02 11:45:03 -05:00
parent ca8a707ae2
commit 3d610bb84e
3 changed files with 45 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

36
modules/services/auth-provider/default.nix
View file

@ -1,17 +1,49 @@
{config, ...}: {
{ inputs, config, ... }:
let
sopsFolder = builtins.toString inputs.nix-secrets + "/sops";
in
{
services.caddy = {
enable = true;
virtualHosts."auth.wanderingcrow.net".extraConfig = ''
reverse_proxy http://localhost:5555
'';
};
sops.secrets = {
"authentik/secret-key" = {
sopsFile = "${sopsFolder}/services.yaml";
};
"authentik/smtp/host" = {
sopsFile = "${sopsFolder}/services.yaml";
};
"authentik/smtp/port" = {
sopsFile = "${sopsFolder}/services.yaml";
};
"authentik/smtp/user" = {
sopsFile = "${sopsFolder}/services.yaml";
};
"authentik/smtp/pass" = {
sopsFile = "${sopsFolder}/services.yaml";
};
};
sops.templates.authentik-env.content = ''
AUTHENTIK_SECRET_KEY=qwerasvvbkuhjbn235987@!$
AUTHENTIK_SECRET_KEY=${config.sops.placeholder."authentik/secret-key"}
AUTHENTIK_LISTEN__HTTP=127.0.0.1:5555
AUTHENTIK_LISTEN__HTTPS=127.0.0.1:5443
AUTHENTIK_EMAIL__HOST=${config.sops.placeholder."authentik/smtp/host"}
AUTHENTIK_EMAIL__PORT=${config.sops.placeholder."authentik/smtp/port"}
AUTHENTIK_EMAIL__USERNAME=${config.sops.placeholder."authentik/smtp/user"}
AUTHENTIK_EMAIL__PASSWORD=${config.sops.placeholder."authentik/smtp/pass"}
AUTHENTIK_EMAIL__FROM=${config.sops.placeholder."authentik/smtp/user"}
'';
services.authentik = {
enable = true;
environmentFile = config.sops.templates.authentik-env.path;
settings.email = {
use_tls = true;
use_ssl = true;
};
};
}