36 lines
990 B
Nix
36 lines
990 B
Nix
{ config, lib, inputs, ... }: {
|
|
|
|
options.sysconfig.opts.virtualization.authentik.enable = lib.options.mkOption {
|
|
type = lib.types.bool;
|
|
default = false;
|
|
};
|
|
|
|
imports = [
|
|
inputs.arion.nixosModules.arion
|
|
];
|
|
|
|
config = lib.mkIf config.sysconfig.opts.virtualization.authentik.enable {
|
|
|
|
sops.templates."authentik.env" = {
|
|
content = ''
|
|
POSTGRES_DB=authentik-db
|
|
POSTGRES_USER=authentik-admin
|
|
POSTGRES_PASSWORD=${config.sops.placeholder."authentik/pass"}
|
|
AUTHENTIK_SECRET_KEY=${config.sops.placeholder."authentik/secret_key"}
|
|
'';
|
|
|
|
path = "/ssd1/Authentik/data/authentik.env";
|
|
};
|
|
|
|
virtualisation.arion.backend = "podman-socket";
|
|
|
|
virtualisation.arion.projects.authentik = {
|
|
serviceName = "authentik";
|
|
|
|
settings = {
|
|
imports = [ ./arion-compose.nix ];
|
|
};
|
|
};
|
|
};
|
|
}
|