jawz/NixOS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add Keycloak to enabled services and refactor configuration settings structure

Browse Source
This commit is contained in:
Danilo Reyes
2025-12-10 02:31:31 -06:00
parent e714a8d184
commit 5289193961
2 changed files with 9 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
hosts/server/toggles.nix
View File

@@ -76,6 +76,7 @@ in
"mealie" "mealie"
"metube" "metube"
"atticd" "atticd"
"keycloak"
] ]
// enableList mkEnabledIp [ // enableList mkEnabledIp [
"audiobookshelf" "audiobookshelf"

14
modules/servers/keycloak.nix
View File

@@ -31,12 +31,14 @@ in
name = "keycloak"; name = "keycloak";
passwordFile = config.sops.secrets."keycloak/db_password".path; passwordFile = config.sops.secrets."keycloak/db_password".path;
}; };
settings.hostname = cfg.host; settings = {
"hostname-strict" = true; hostname = cfg.host;
"hostname-strict-https" = false; hostname-strict = true;
"http-enabled" = true; hostname-strict-https = false;
"http-port" = cfg.port; http-enabled = true;
"proxy" = "edge"; http-port = cfg.port;
proxy = "edge";
};
}; };
systemd.services.keycloak.serviceConfig.EnvironmentFile = config.sops.secrets.keycloak.path; systemd.services.keycloak.serviceConfig.EnvironmentFile = config.sops.secrets.keycloak.path;
services.nginx.virtualHosts.${cfg.host} = lib.mkIf (cfg.enableProxy && config.my.enableProxy) ( services.nginx.virtualHosts.${cfg.host} = lib.mkIf (cfg.enableProxy && config.my.enableProxy) (