From 855278a3e8f57a5f998a4bdc2223507d20e3cd3c Mon Sep 17 00:00:00 2001 From: TheWanderingCrow Date: Mon, 10 Nov 2025 10:00:07 -0500 Subject: [PATCH] add lubelogger to oauth --- flake.lock | 8 ++--- modules/services/lubelogger/default.nix | 39 +++++++++++++++++++++---- 2 files changed, 38 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index bdc7cdf..2271363 100644 --- a/flake.lock +++ b/flake.lock @@ -387,11 +387,11 @@ "nixpkgs": "nixpkgs_5" }, "locked": { - "lastModified": 1762643722, - "narHash": "sha256-pDwGVYN6i/5uY4p/RXcQ5EKEv386JrkykxSvwoRHp5E=", + "lastModified": 1762789130, + "narHash": "sha256-gN/csIkBKUGRx2S9EVmt1Bar5XaObl76W+DTSrzR9fs=", "ref": "refs/heads/master", - "rev": "489860d74b0a1550549b06230ff3e5a609de52b5", - "revCount": 149, + "rev": "acfa99641e9ea7cf1ff5de98c30ce9535f89e7b5", + "revCount": 151, "type": "git", "url": "ssh://git@github.com/TheWanderingCrow/nix-secrets" }, diff --git a/modules/services/lubelogger/default.nix b/modules/services/lubelogger/default.nix index dc62ba9..0c2284a 100644 --- a/modules/services/lubelogger/default.nix +++ b/modules/services/lubelogger/default.nix @@ -27,18 +27,47 @@ in "lubelogger/pass_hash" = { sopsFile = "${sopsFolder}/services.yaml"; }; + "lubelogger/admin_email" = { + sopsFile = "${sopsFolder}/services.yaml"; + }; + "lubelogger/mailer/server" = { + sopsFile = "${sopsFolder}/services.yaml"; + }; + "lubelogger/mailer/port" = { + sopsFile = "${sopsFolder}/services.yaml"; + }; + "lubelogger/mailer/user" = { + sopsFile = "${sopsFolder}/services.yaml"; + }; + "lubelogger/mailer/pass" = { + sopsFile = "${sopsFolder}/services.yaml"; + }; + "lubelogger/oidc/id" = { + sopsFile = "${sopsFolder}/services.yaml"; + }; + "lubelogger/oidc/secret" = { + sopsFile = "${sopsFolder}/services.yaml"; + }; }; templates."lubelogger-env".content = '' LC_ALL=en_US.UTF-8 LANG=en_US.UTF-8 - MailConfig__EmailServer="" - MailConfig__EmailFrom="" + MailConfig__EmailServer="${config.sops.placeholder."lubelogger/mailer/server"}" + MailConfig__EmailFrom="${config.sops.placeholder."lubelogger/mailer/user"}" MailConfig__Port=587 - MailConfig__Username="" - MailConfig__Password="" + MailConfig__Username="${config.sops.placeholder."lubelogger/mailer/user"}" + MailConfig__Password="${config.sops.placeholder."lubelogger/mailer/pass"}" UserNameHash="${config.sops.placeholder."lubelogger/user_hash"}" UserPasswordHash="${config.sops.placeholder."lubelogger/pass_hash"}" LUBELOGGER_CUSTOM_WIDGETS=true + OpenIDConfig__Name=Pocket ID + OpenIDConfig__ClientId=${config.sops.placeholder."lubelogger/oidc/id"} + OpenIDConfig__ClientSecret=${config.sops.placeholder."lubelogger/oidc/secret"} + OpenIDConfig__AuthURL=https://auth.wanderingcrow.net/authorize + OpenIDConfig__RedirectURL=https://garage.wanderingcrow.net/Login/RemoteAuth + OpenIDConfig__TokenURL=https://auth.wanderingcrow.net/api/oidc/token + OpenIDConfig__Scope=openid email + OpenIDConfig__UsePKCE=true ''; }; @@ -53,7 +82,7 @@ in backend = "podman"; containers = { "lubelogger" = { - image = "ghcr.io/hargata/lubelogger:latest"; + image = "ghcr.io/hargata/lubelogger:v1.5.4"; extraOptions = [ "--ip=10.88.0.8" ]; environmentFiles = [ config.sops.templates."lubelogger-env".path ]; volumes = [