testing keycloak

2026-01-10 17:34:05 -05:00 · 2025-10-14 22:09:56 -04:00 · 2025-10-14 22:09:56 -04:00 · 9da50149b1
commit 9da50149b1
parent 25426815d2
2 changed files with 10 additions and 4 deletions
--- a/3
+++ b/3
@ -12,6 +12,9 @@ build:
 [confirm('Rebuild the system?')]
 rebuild:
  sudo nixos-rebuild switch --flake .
+# For hacking on modules
+rebuild-fast:
+  sudo nixos-rebuild switch --fast --flake .
 # Update all flake inputs
 update:
  nix flake update --commit-lock-file
--- a/modules/services/auth-provider/default.nix
+++ b/modules/services/auth-provider/default.nix
@ -1,15 +1,18 @@
-{pkgs, ...}: {
-  environment.etc."testing-keycloak-pass".text = "PWD";
+{config, ...}: {
  services.caddy = {
    enable = true;
    virtualHosts."auth.wanderingcrow.net".extraConfig = ''
      reverse_proxy http://localhost:5555
    '';
  };
+
+  sops.secrets."keycloak/database/pass" = {};
+
  services.keycloak = {
    enable = true;
+    initialAdminPassword = "changeme";
    settings = {
-      hostname = "localhost";
+      hostname = "https://auth.wanderingcrow.net";
      http-port = 5555;
      https-port = 9443;
      http-enabled = true;
@ -18,7 +21,7 @@
    database = {
      type = "postgresql";
      createLocally = true;
-      passwordFile = "/etc/testing-keycloak-pass";
+      passwordFile = config.sops.secrets."keycloak/database/pass".path;
    };
  };
 }