34 lines
681 B
Nix
34 lines
681 B
Nix
{
|
|
pkgs,
|
|
inputs,
|
|
config,
|
|
...
|
|
}:
|
|
let
|
|
sopsFolder = builtins.toString inputs.nix-secrets + "/sops";
|
|
in
|
|
{
|
|
sops.secrets."pocket-id/encryption_key" = {
|
|
sopsFile = "${sopsFolder}/services.yaml";
|
|
};
|
|
|
|
services.caddy = {
|
|
enable = true;
|
|
virtualHosts."auth.wanderingcrow.net".extraConfig = ''
|
|
reverse_proxy http://localhost:1411
|
|
'';
|
|
};
|
|
|
|
services.pocket-id = {
|
|
enable = true;
|
|
package = pkgs.pocket-id;
|
|
settings = {
|
|
ANALYTICS_DISABLED = true;
|
|
APP_URL = "https://auth.wanderingcrow.net";
|
|
TRUST_PROXY = true;
|
|
};
|
|
credentials = {
|
|
ENCRYPTION_KEY = config.sops.secrets."pocket-id/encryption_key".path;
|
|
};
|
|
};
|
|
}
|