forked from mirrors_public/oddlama_nix-config
chore: generate and use new secrets
This commit is contained in:
parent
7c48e51320
commit
0b8de70330
5 changed files with 36 additions and 1 deletions
|
@ -46,7 +46,6 @@
|
|||
redeemURL = "https://${config.networking.providedDomains.kanidm}/oauth2/token";
|
||||
validateURL = "https://${config.networking.providedDomains.kanidm}/oauth2/openid/${clientId}/userinfo";
|
||||
clientID = clientId;
|
||||
keyFile = config.age.secrets.oauth2-cookie-secret.path;
|
||||
email.domains = ["*"];
|
||||
|
||||
extraConfig = {
|
||||
|
@ -55,4 +54,9 @@
|
|||
#skip-provider-button = true;
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services.oauth2_proxy.serviceConfig.EnvironmentFile = [
|
||||
config.age.secrets.oauth2-cookie-secret.path
|
||||
config.age.secrets.oauth2-client-secret.path
|
||||
];
|
||||
}
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue