forked from mirrors_public/oddlama_nix-config
feat: promote oauth proxy config to a nginx virtualHosts option
parent
a092a5a846
commit
71dbda6262
8 changed files with 136 additions and 98 deletions
|
@ -17,7 +17,6 @@
|
|||
};
|
||||
|
||||
services.oauth2_proxy = {
|
||||
# TODO cookie refresh
|
||||
provider = "oidc";
|
||||
scope = "openid";
|
||||
loginURL = "https://${config.proxiedDomains.kanidm}/ui/oauth2";
|
||||
|
@ -25,9 +24,16 @@
|
|||
validateURL = "https://${config.proxiedDomains.kanidm}/oauth2/openid/web-sentinel/userinfo";
|
||||
clientID = "web-sentinel";
|
||||
keyFile = config.age.secrets.oauth2-proxy-secret.path;
|
||||
|
||||
email.domains = ["*"];
|
||||
|
||||
extraConfig.skip-provider-button = true;
|
||||
extraConfig = {
|
||||
# TODO good idea? would fail when offline
|
||||
# TODO autorestart after 30 minutes, infinite times.
|
||||
oidc-issuer-url = "https://${config.proxiedDomains.kanidm}/oauth2/openid/web-sentinel";
|
||||
skip-provider-button = true;
|
||||
|
||||
# TODO away
|
||||
show-debug-on-error = true;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
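Review bot: `show-debug-on-error = true;` in the `extraConfig` block looks like a new line in this commit (the `+`/`-` markers are lost on this page) and is guarded only by `# TODO away`. oauth2-proxy's debug error pages can reveal internal details of a failed authentication to whoever triggers the error. Since the commit title suggests this proxy now sits in front of several nginx virtual hosts, I would drop the line before it is deployed, or make it an explicit opt-in that defaults to off. Separately, `email.domains = ["*"]` means the proxy itself rejects nobody, so access control presumably rests entirely on kanidm deciding who may sign in to the `web-sentinel` client. A comment above that line such as `# any authenticated identity is accepted here; access is restricted on the kanidm side (confirm)` would make that dependency visible.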
Binary file not shown.