wurzel/fruitbasket
9
1
Fork 0
Code Issues 5 Pull requests Packages Projects Releases Wiki Activity

padlist: dex openid connect login instead of basic auth

Browse source
This commit is contained in:
quitte 2024-01-05 15:57:32 +01:00
parent dd99021da1
commit 693154fe1a
1 changed files with 9 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
modules/padlist.nix
View file

@ -24,13 +24,9 @@ in
services.nginx = { services.nginx = {
virtualHosts.${domain} = { virtualHosts.${domain} = {
root = pkgs.callPackage ../pkgs/padlist { };
enableACME = true; enableACME = true;
forceSSL = true; forceSSL = true;
extraConfig = '' root = "/srv/web/padlist";
auth_pam "LDAP Authentication Required";
auth_pam_service_name "nginx";
'';
locations = { locations = {
"= /" = { "= /" = {
extraConfig = '' extraConfig = ''
@ -41,13 +37,21 @@ in
extraConfig = '' extraConfig = ''
try_files $uri =404; try_files $uri =404;
fastcgi_pass unix:${config.services.phpfpm.pools.padlist.socket}; fastcgi_pass unix:${config.services.phpfpm.pools.padlist.socket};
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_index index.php; fastcgi_index index.php;
include ${pkgs.nginx}/conf/fastcgi_params; include ${pkgs.nginx}/conf/fastcgi_params;
include ${pkgs.nginx}/conf/fastcgi.conf; include ${pkgs.nginx}/conf/fastcgi.conf;
fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
''; '';
}; };
"/vendor".return = "403";
}; };
}; };
}; };
services.portunus.dex.oidcClients = [{
id = "padlist";
callbackURL = "https://list.pad.ifsr.de/callback.php";
}];
} }