This commit is contained in:
@@ -6,6 +6,7 @@
|
||||
}:
|
||||
let
|
||||
cfg = config.my-lxc;
|
||||
sec = import ../config/_matrix_secrets.nix;
|
||||
in
|
||||
{
|
||||
authentik_provider_proxy = lib.filterAttrs (_: v: v != { }) (
|
||||
@@ -20,31 +21,47 @@ in
|
||||
}
|
||||
) cfg
|
||||
);
|
||||
authentik_application =
|
||||
lib.filterAttrs (_: v: v != { }) (
|
||||
lib.mapAttrs (
|
||||
containerName: def:
|
||||
lib.optionalAttrs (def.auth) {
|
||||
name = containerName;
|
||||
slug = containerName;
|
||||
protocol_provider = "\${resource.authentik_provider_proxy.${containerName}.id}";
|
||||
}
|
||||
) cfg
|
||||
)
|
||||
// {
|
||||
matrix = {
|
||||
name = "matrix";
|
||||
slug = "matrix";
|
||||
protocol_provider = "\${resource.authentik_provider_oauth2.matrix.id}";
|
||||
|
||||
# dns_provider = {
|
||||
# name = "dns";
|
||||
# authorization_flow = "\${data.authentik_flow.default-authorization-flow.id}";
|
||||
# invalidation_flow = "\${data.authentik_flow.default-invalidation-flow.id}";
|
||||
# external_host = "https://dns.plg.m0rel.eu/";
|
||||
# mode = "forward_single";
|
||||
# };
|
||||
authentik_application = lib.filterAttrs (_: v: v != { }) (
|
||||
lib.mapAttrs (
|
||||
containerName: def:
|
||||
lib.optionalAttrs (def.auth) {
|
||||
name = containerName;
|
||||
slug = containerName;
|
||||
protocol_provider = "\${resource.authentik_provider_proxy.${containerName}.id}";
|
||||
}
|
||||
) cfg
|
||||
);
|
||||
authentik_outpost_provider_attachment = lib.filterAttrs (_: v: v != { }) (
|
||||
lib.mapAttrs (
|
||||
containerName: def:
|
||||
lib.optionalAttrs (def.auth) {
|
||||
};
|
||||
};
|
||||
authentik_outpost_provider_attachment =
|
||||
lib.filterAttrs (_: v: v != { }) (
|
||||
lib.mapAttrs (
|
||||
containerName: def:
|
||||
lib.optionalAttrs (def.auth) {
|
||||
outpost = "\${data.authentik_outpost.embedded.id}";
|
||||
protocol_provider = "\${authentik_provider_proxy.${containerName}.id}";
|
||||
}
|
||||
) cfg
|
||||
)
|
||||
// {
|
||||
matrix = {
|
||||
outpost = "\${data.authentik_outpost.embedded.id}";
|
||||
protocol_provider = "\${authentik_provider_proxy.${containerName}.id}";
|
||||
}
|
||||
) cfg
|
||||
);
|
||||
protocol_provider = "\${authentik_provider_oauth2.matrix.id}";
|
||||
};
|
||||
};
|
||||
|
||||
authentik_provider_oauth2.matrix = {
|
||||
name = "matrix";
|
||||
authorization_flow = "\${data.authentik_flow.default-authorization-flow.id}";
|
||||
invalidation_flow = "\${data.authentik_flow.default-invalidation-flow.id}";
|
||||
client_id = sec.oidc_client_id;
|
||||
client_secret = sec.oidc_client_secret;
|
||||
};
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user