mirrors_public/oddlama_nix-config
1
1
Fork 1
mirror of https://github.com/oddlama/nix-config.git synced 2025-10-10 23:00:39 +02:00
Code Activity

feat: remove old "freeform" globals and use new structured globals

Browse source
This commit is contained in:
oddlama 2024-07-31 15:49:44 +02:00
parent 4e717fab96
commit a128dd5f40
No known key found for this signature in database
GPG key ID: 14EFE510775FE39A
35 changed files with 214 additions and 59 deletions
Download patch file Download diff file Expand all files Collapse all files

7
hosts/ward/guests/kanidm.nix
View file

@ -3,8 +3,7 @@
globals,
...
}: let
inherit (config.repo.secrets.global) domains;
kanidmDomain = "auth.${domains.me}";
kanidmDomain = "auth.${globals.domains.me}";
kanidmPort = 8300;
mkRandomSecret = {
@ -108,7 +107,7 @@ in {
adminPasswordFile = config.age.secrets.kanidm-admin-password.path;
idmAdminPasswordFile = config.age.secrets.kanidm-idm-admin-password.path;
inherit (config.repo.secrets.global.kanidm) persons;
inherit (globals.kanidm) persons;
# Immich
groups."immich.access" = {};
@ -191,7 +190,7 @@ in {
groups."web-sentinel.openwebui" = {};
systems.oauth2.web-sentinel = {
displayName = "Web Sentinel";
originUrl = "https://oauth2.${domains.me}/";
originUrl = "https://oauth2.${globals.domains.me}/";
basicSecretFile = config.age.secrets.kanidm-oauth2-web-sentinel.path;
preferShortUsername = true;
scopeMaps."web-sentinel.access" = ["openid" "email"];