authentik running

modules/services/auth-provider/default.nix

@@ -5,23 +5,13 @@
       reverse_proxy http://localhost:5555
     '';
   };
-
-  sops.secrets."keycloak/database/pass" = {};
-
-  services.keycloak = {
+  sops.templates.authentik-env.content = ''
+    AUTHENTIK_SECRET_KEY=qwerasvvbkuhjbn235987@!$
+    AUTHENTIK_LISTEN__HTTP=127.0.0.1:5555
+    AUTHENTIK_LISTEN__HTTPS=127.0.0.1:5443
+  '';
+  services.authentik = {
     enable = true;
-    initialAdminPassword = "changeme";
-    settings = {
-      hostname = "https://auth.wanderingcrow.net";
-      http-port = 5555;
-      https-port = 9443;
-      http-enabled = true;
-      hostname-strict-https = false;
-    };
-    database = {
-      type = "postgresql";
-      createLocally = true;
-      passwordFile = config.sops.secrets."keycloak/database/pass".path;
-    };
+    environmentFile = config.sops.templates.authentik-env.path;
   };
 }