31 lines
825 B
Nix
Executable file
31 lines
825 B
Nix
Executable file
{ inputs, config, ... }:
|
|
|
|
{
|
|
imports = [ inputs.authentik-nix.nixosModules.default ];
|
|
nix.settings = {
|
|
substituters = [ "https://nix-community.cachix.org" ];
|
|
trusted-public-keys = [ "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" ];
|
|
};
|
|
|
|
sops.secrets."authentik/secrets.env".restartUnits = [ "authentik.service" ];
|
|
|
|
services.caddy.virtualHosts."authentik.wo2wz.fyi".extraConfig =
|
|
assert config.services.caddy.enable;
|
|
''
|
|
import default-settings
|
|
import cloudflare-tls
|
|
|
|
reverse_proxy localhost:9000
|
|
'';
|
|
|
|
services.authentik = {
|
|
enable = true;
|
|
environmentFile = config.sops.secrets."authentik/secrets.env".path;
|
|
|
|
settings = {
|
|
disable_startup_analytics = true;
|
|
disable_update_check = true;
|
|
avatars = "initials";
|
|
};
|
|
};
|
|
}
|