Update Keycloak configuration to use new password secret and modify proxy settings

2025-12-10 02:33:31 -06:00
parent 5289193961
commit ba41e8f804
1 changed files with 2 additions and 2 deletions
--- a/modules/servers/keycloak.nix
+++ b/modules/servers/keycloak.nix
@@ -29,7 +29,7 @@ in
        createLocally = false;
        username = "keycloak";
        name = "keycloak";
-        passwordFile = config.sops.secrets."keycloak/db_password".path;
+        passwordFile = config.sops.secrets.postgres-password.path;
      };
      settings = {
        hostname = cfg.host;
@@ -37,7 +37,7 @@ in
        hostname-strict-https = false;
        http-enabled = true;
        http-port = cfg.port;
-        proxy = "edge";
+        proxy-headers = "xforwarded";
      };
    };
    systemd.services.keycloak.serviceConfig.EnvironmentFile = config.sops.secrets.keycloak.path;