mirror of
https://github.com/TheWanderingCrow/CrOS.git
synced 2026-01-11 09:44:08 -05:00
41 lines
1 KiB
Nix
41 lines
1 KiB
Nix
{
|
|
inputs,
|
|
config,
|
|
pkgs,
|
|
...
|
|
}:
|
|
let
|
|
sopsFolder = inputs.nix-secrets + "/sops";
|
|
in
|
|
{
|
|
|
|
services.caddy.virtualHosts."mealie.wanderingcrow.net".extraConfig = ''
|
|
reverse_proxy http://localhost:9000
|
|
'';
|
|
sops.secrets = {
|
|
"mealie/oidc/client" = {
|
|
sopsFile = "${sopsFolder}/services.yaml";
|
|
};
|
|
"mealie/oidc/secret" = {
|
|
sopsFile = "${sopsFolder}/services.yaml";
|
|
};
|
|
};
|
|
sops.templates."mealie-env".content = ''
|
|
OIDC_CONFIGURATION_URL=https://auth.wanderingcrow.net/.well-known/openid-configuration
|
|
OIDC_CLIENT_ID=${config.sops.placeholder."mealie/oidc/client"}
|
|
OIDC_CLIENT_SECRET=${config.sops.placeholder."mealie/oidc/secret"}
|
|
OIDC_ADMIN_GROUP=admins
|
|
'';
|
|
services.mealie = {
|
|
enable = true;
|
|
settings = {
|
|
BASE_URL = "https://mealie.wanderingcrow.net";
|
|
ALLOW_SIGNUP = false;
|
|
ALLOW_PASSWORD_LOGIN = false;
|
|
DB_ENGINE = "sqlite";
|
|
OIDC_AUTH_ENABLED = true;
|
|
OIDC_SIGNUP_ENABLED = true;
|
|
OIDC_PROVIDER_NAME = "Pocket ID";
|
|
};
|
|
};
|
|
}
|