wurzel/fruitbasket
9
1
Fork 0
Code Issues 5 Pull requests Packages Projects Releases Wiki Activity

directus: fix sso

Browse source
This commit is contained in:
Rouven Seifert 2024-05-07 11:57:15 +02:00
parent 6abc1e75b9
commit 5384918ce6
Signed by: rouven.seifert
GPG key ID: B95E8FE6B11C4D09
2 changed files with 10 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
modules/keycloak.nix
View file

@ -22,6 +22,11 @@ in
services.nginx.virtualHosts."${domain}" = { services.nginx.virtualHosts."${domain}" = {
locations."/" = { locations."/" = {
proxyPass = "http://127.0.0.1:${toString config.services.keycloak.settings.http-port}"; proxyPass = "http://127.0.0.1:${toString config.services.keycloak.settings.http-port}";
extraConfig = ''
proxy_buffer_size 128k;
proxy_buffers 4 256k;
proxy_busy_buffers_size 256k;
'';
}; };
}; };
} }

6
modules/web/ese.nix
View file

@ -22,10 +22,14 @@ in
"DB_PORT" = "5432"; "DB_PORT" = "5432";
"DB_DATABASE" = "directus_ese"; "DB_DATABASE" = "directus_ese";
"DB_USER" = "directus_ese"; "DB_USER" = "directus_ese";
"PUBLIC_URL" = "https://directus-ese.ifsr.de";
"AUTH_PROVIDERS"="keycloak";
"AUTH_KEYCLOAK_DRIVER" = "openid"; "AUTH_KEYCLOAK_DRIVER" = "openid";
"AUTH_KEYCLOAK_CLIENT_ID" = "directus-ese"; "AUTH_KEYCLOAK_CLIENT_ID" = "directus-ese";
"AUTH_KEYCLOAK_ISSUER_URL" = "http://sso.ifsr.de/realms/internal/.well-known/openid-configuration"; "AUTH_KEYCLOAK_ISSUER_URL" = "https://sso.ifsr.de/realms/internal/.well-known/openid-configuration";
"AUTH_KEYCLOAK_IDENTIFIER_KEY" = "email"; "AUTH_KEYCLOAK_IDENTIFIER_KEY" = "email";
"AUTH_KEYCLOAK_ALLOW_PUBLIC_REGISTRATION"="true";
"AUTH_KEYCLOAK_DEFAULT_ROLE_ID"="a6b7a1b6-a6fa-442c-87fd-e37c2a16424b";
}; };
environmentFiles = [ environmentFiles = [
config.sops.secrets."directus_env".path config.sops.secrets."directus_env".path