luj/snowfield
1
0
Fork 0
mirror of https://github.com/JulienMalka/snowfield.git synced 2025-07-04 08:17:20 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

deploy keycloak on core-security

Browse source
This commit is contained in:
Luj 2023-05-21 18:11:38 +02:00
parent 5fa77013f7
commit 301bef66e2
1 changed files with 31 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

31
machines/core-security/default.nix
View file

@ -116,6 +116,37 @@ VfXtULncAiEA2gmqdr+ugFz5tvPdKwanroTiMTUMhhCRYVlQlyTApyQ=
environmentFile = "/var/lib/vaultwarden.env"; environmentFile = "/var/lib/vaultwarden.env";
}; };
services.keycloak = {
enable = true;
database.createLocally = true;
database.passwordFile = "/run/secrets/keycloak";
settings = {
hostname = "auth.julienmalka.me";
http-port = 8080;
hostname-strict-backchannel = true;
proxy = "edge";
};
};
services.nginx.virtualHosts."auth.julienmalka.me" = {
locations."/" = {
proxyPass = "http://127.0.0.1:8080";
extraConfig = ''
proxy_buffer_size 128k;
proxy_buffers 4 256k;
proxy_busy_buffers_size 256k;
'';
};
};
sops.secrets.keycloak = {
owner = "root";
sopsFile = ../../secrets/keycloak-db;
format = "binary";
};
system.stateVersion = "22.11"; # Did you read the comment? system.stateVersion = "22.11"; # Did you read the comment?
} }