foodogsquared/nixos-config
1
0
Fork 0
mirror of https://github.com/foo-dogsquared/nixos-config.git synced 2025-02-07 12:19:07 +00:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

hosts/plover: add LDAP server to reverse proxy

Browse Source
This commit is contained in:
Gabriel Arazas 2022-12-29 10:26:15 +08:00
parent bdf862cc91
commit f789e85fcc
1 changed files with 6 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
hosts/plover/default.nix
View File

@ -96,17 +96,11 @@ in
# DNS-related settings. This is nice for automating them putting DNS records # DNS-related settings. This is nice for automating them putting DNS records
# and other types of stuff. # and other types of stuff.
security.acme = { security.acme.defaults = {
defaults = {
dnsProvider = "porkbun"; dnsProvider = "porkbun";
credentialsFile = config.sops.secrets."plover/lego/env".path; credentialsFile = config.sops.secrets."plover/lego/env".path;
}; };
certs = {
"${ldapDomain}".group = config.services.openldap.group;
};
};
services.openssh.hostKeys = [{ services.openssh.hostKeys = [{
path = config.sops.secrets."plover/ssh-key".path; path = config.sops.secrets."plover/ssh-key".path;
type = "ed25519"; type = "ed25519";
@ -179,12 +173,12 @@ in
}; };
}; };
# Keycloak instance. # OpenLDAP server.
"${authDomain}" = { "${ldapDomain}" = {
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
locations."/" = { locations."/" = {
proxyPass = "http://localhost:${toString config.services.keycloak.settings.http-port}"; proxyPass = "http://localhost:389";
}; };
}; };
}; };