# NixOS module enabling authentik together with its LDAP and proxy outposts.
# Each service takes its secrets from an environment file under
# /etc/authentik, and each of those files is sourced from an age-managed
# secret.
{ tools, config, ... }:

let
  # Short alias for the age secret set; only the `.path` attributes are read.
  inherit (config.age) secrets;

  # Host name served by the bundled nginx front end.
  authHost = tools.build_hostname "auth";
in
{
  # The services did not seem to accept the age secret paths directly in
  # their `environmentFile` options, so the secrets are exposed under fixed
  # /etc/authentik/* names and the services point at those instead.
  #
  # NOTE(review): this assumes each `.path` is a runtime path string (not a
  # Nix path literal), so the /etc entries link to the decrypted files and
  # the secret contents are not copied into the Nix store; confirm.
  # NOTE(review): owner and mode of the decrypted files come from the
  # age.secrets declarations, which are not visible here; verify they are
  # not readable more widely than these services need.
  environment.etc = {
    "authentik/secrets.env".source = secrets.auth-authentik-secrets.path;
    "authentik/ldap-secrets.env".source =
      secrets.auth-authentik-ldap-secrets.path;
    "authentik/proxy-secrets.env".source =
      secrets.auth-authentik-proxy-secrets.path;
  };

  # Core authentik server, published through nginx on the auth host name.
  services.authentik = {
    enable = true;
    environmentFile = "/etc/authentik/secrets.env";
    nginx = {
      enable = true;
      host = authHost;
    };
  };

  # LDAP outpost, with its own environment file.
  services.authentik-ldap = {
    enable = true;
    environmentFile = "/etc/authentik/ldap-secrets.env";
  };

  # Proxy outpost, with its own environment file.
  services.authentik-proxy = {
    enable = true;
    environmentFile = "/etc/authentik/proxy-secrets.env";
  };
}