Compare commits
No commits in common. "158f0cb7ee34a8cca1043ccc39f0aa695e8504b8" and "ff71cb75b79350b8fb8849f63f5de8b12d31170e" have entirely different histories.
158f0cb7ee
...
ff71cb75b7
|
@ -2,6 +2,7 @@
|
|||
let
|
||||
cfg = config.services.keycloak.settings;
|
||||
in {
|
||||
environment.noXlibs = false;
|
||||
sops.secrets."keycloak/postgres" = { };
|
||||
|
||||
services.keycloak = {
|
||||
|
|
|
@ -6,12 +6,6 @@
|
|||
group = "matrix-synapse";
|
||||
};
|
||||
|
||||
sops.secrets."matrix/synapse/oidcsecret" = {
|
||||
restartUnits = [ "matrix-synapse.service" ];
|
||||
owner = "matrix-synapse";
|
||||
group = "matrix-synapse";
|
||||
};
|
||||
|
||||
services.matrix-synapse-next = {
|
||||
enable = true;
|
||||
enableNginx = true;
|
||||
|
@ -75,21 +69,6 @@
|
|||
tls_certificate_path = "/etc/ssl-snakeoil/matrix_feal_no.crt";
|
||||
tls_private_key_path = "/etc/ssl-snakeoil/matrix_feal_no.key";
|
||||
|
||||
oidc_providers = [
|
||||
{
|
||||
idp_id = "keycloak";
|
||||
idp_name = "Keycloak";
|
||||
issuer = "https://iam.feal.no/realms/feal.no";
|
||||
client_id = "matrix-synapse";
|
||||
client_secret_path = config.sops.secrets."matrix/synapse/oidcsecret".path;
|
||||
user_mapping_provicer.config = {
|
||||
localpart_template = "{{ user.preferred_username }}";
|
||||
display_name_template = "{{ user.name }}";
|
||||
};
|
||||
backchannel_logout_enabled = true;
|
||||
enable_registration = false;
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
|
|
|
@ -62,14 +62,7 @@ in {
|
|||
'';
|
||||
};
|
||||
};
|
||||
"cloud.feal.no" = publicProxy "" {
|
||||
locations."/" = {
|
||||
proxyPass = "http://voyager.home.feal.no";
|
||||
extraConfig = ''
|
||||
client_max_body_size 8G;
|
||||
'';
|
||||
};
|
||||
};
|
||||
"cloud.feal.no" = publicProxy "http://voyager.home.feal.no" {};
|
||||
"git.feal.no" = publicProxy "http://unix:${gitea.server.HTTP_ADDR}" {};
|
||||
"jf.feal.no" = publicProxy "http://jellyfin.home.feal.no/" {};
|
||||
"iam.feal.no" = publicProxy "http://${keycloak.http-host}:${toString keycloak.http-port}" {};
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
matrix:
|
||||
synapse:
|
||||
registrationsecret: ENC[AES256_GCM,data:bWxzNB3c7GL6A4evVMoYJ2/q5TKyeSZzk05lUTMMDLBf3w/ks028oKjntGWbAvpSbnYPAO5wGPPKrvh8TnMVfjuBVrBtL8Vmt10t7YU/e15Xo0WvtwuAtjF6AWiGbV8=,iv:/KW9n2wuVua6zsmMZ/tq7J3wgmtrkLsh6aOWX0Z+fqo=,tag:aoIpD0JgsVnhlyDcsjx1eg==,type:str]
|
||||
oidcsecret: ENC[AES256_GCM,data:AKUTKQStFwioRaRYnrFbL/kJM0ZO/ZPLumG+770+A7U=,iv:jSpL6dY27zwctra5w56loVR9rRETWe5eIeMnAn9f6S0=,tag:IoEP8UzoZK7B5LtTu9Ebsw==,type:str]
|
||||
registrationsecret: ENC[AES256_GCM,data:6gRW6t080VSyNRAmIrMqXL/oj7dj0JbcQekG3lac7zcdvJbgkUaqEGoWdrym2XiEOSLBOVMthnpLdalC2wcyJdmxB7xMNsYS4RfjR3PMKIo1Ap7JSmuKBl3eeaOalHk=,iv:dZl4/qFMoqEbSwL4JF/sjG21e6DuKVxbXwrGHkxfW4U=,tag:LWdCcmUUeTO4YAHkHOSJuw==,type:str]
|
||||
hedgedoc:
|
||||
env: ENC[AES256_GCM,data:30kDNwJA/nL2/l1gSVPWgFYIrrxnhKbsQPaS1MqeaggjDpPxyNOhSLf5/p5Z5S/jDuJapevpQR70hfAM8g3gLRNIFtP38V/8w0lUngpuz6MzL7THdNfbabOKsHpNht+nxwGXE1YSd0D4OuX5ll5pLWT8nQtNhhOzuYmDIJ/Xc01lmcGc2ThsA0GlkWZxUw==,iv:ht6BiCYJReWFoR1zpo/X0bcgMV9tYfXUM7Re2ngEk4M=,tag:XrlYHyhVujhhWul3czSTDg==,type:str]
|
||||
vaultwarden:
|
||||
|
@ -37,8 +36,8 @@ sops:
|
|||
RXcvQU1JYnl0bUtocTZuNkRxcGQwR2MKnyAYtF2y7XBmNuIYi6RzqEJEPPg7B22A
|
||||
fQVeDfIhiNSVva784KTU+y4TU1UPxumriRrLRFPF3h42ZEq2zQAgrQ==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2024-06-10T17:02:13Z"
|
||||
mac: ENC[AES256_GCM,data:vHwX4i0SqiMI+laj079uNvO/6QKzqAoS4JmhUIW/1F7xjtd/Wv5Ia/00EexMMw59cvaDW/k7QB13xyHNixloFhH5aXi3bF8b8uIP6U3K0nlbIYp2tVRU3m/FtkhabzIuP5o/sfoO+gfcuHfTQxjwcap8Tx3VsecjJO0PaR9+EHU=,iv:6c0hRRRddD535GH9zGWnaBnq0jcSlyN0dPIEW+ldGew=,tag:185qSz+tgfXg/f65sf/y+Q==,type:str]
|
||||
lastmodified: "2024-06-10T09:40:44Z"
|
||||
mac: ENC[AES256_GCM,data:HgzZvi14Dgacvax54pqeGXowfiFAZIaLhkmJZieL+pUMiZKKp5vo8M4j2ZyM4DB/a9j58Ao1xlykCnit/vfUgeRJlqZsGedMDLtDvW6mEwHNwZwxvX3Zmsykl/Nt4FZS47jdB5J/1r/vAjtVos7K9UWBfiQUH0EJp6OpVWrWzrc=,iv:64G2tA5tqeJjZPunGFJYhP4z4di0PTCqVzA7QlvTETY=,tag:O2zaf0qRwiSwcrfMQE2uKA==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.8.1
|
||||
|
|
Loading…
Reference in New Issue