compose2nix
This commit is contained in:
@@ -1,52 +1,24 @@
|
||||
{ config, lib, inputs, ... }: {
|
||||
{ config, lib, ... }: {
|
||||
|
||||
options.sysconfig.opts.virtualization.authentik.enable = lib.options.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
};
|
||||
|
||||
config = lib.mkIf config.sysconfig.opts.virtualization.authentik.enable {
|
||||
config = lib.mkIf config.sysconfig.opts.virtualization.authentik.enable (lib.mkMerge [
|
||||
|
||||
(import ./docker-compose.nix)
|
||||
{
|
||||
sops.templates."authentik.env" = {
|
||||
content = ''
|
||||
POSTGRES_DB=authentik-db
|
||||
POSTGRES_USER=authentik-admin
|
||||
POSTGRES_PASSWORD=${config.sops.placeholder."authentik/pass"}
|
||||
AUTHENTIK_SECRET_KEY=${config.sops.placeholder."authentik/secret_key"}
|
||||
'';
|
||||
|
||||
sops.templates."authentik.env" = {
|
||||
content = ''
|
||||
AUTHENTIK_EMAIL__PASSWORD=${config.sops.placeholder."authentik/pass"}
|
||||
AUTHENTIK_SECRET_KEY=${config.sops.placeholder."authentik/secret_key"}
|
||||
'';
|
||||
|
||||
path = "/ssd1/Authentik/data/authentik.env";
|
||||
};
|
||||
|
||||
containers.authentik = {
|
||||
|
||||
autoStart = true;
|
||||
privateNetwork = true;
|
||||
hostAddress = "192.168.100.10";
|
||||
localAddress = "192.168.100.12";
|
||||
bindMounts = {
|
||||
"/root/data" = {
|
||||
hostPath = "/ssd1/Authentik/data";
|
||||
isReadOnly = false;
|
||||
};
|
||||
path = "/ssd1/Authentik/.env";
|
||||
};
|
||||
config = {
|
||||
|
||||
imports = [
|
||||
inputs.authentik-nix.nixosModules.default
|
||||
];
|
||||
|
||||
services.authentik = {
|
||||
|
||||
enable = true;
|
||||
environmentFile = "/root/data/authentik.env";
|
||||
settings = {
|
||||
disable_startup_analytics = false;
|
||||
avatars = "initials";
|
||||
};
|
||||
};
|
||||
|
||||
networking.firewall.enable = false;
|
||||
};
|
||||
};
|
||||
|
||||
};
|
||||
}
|
||||
]);
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user