secrets for mediawiki and formatting

modules/keycloak.nix

@@ -1,5 +1,5 @@
-{pkgs, config, lib, ...}: {
-  
+{ pkgs, config, lib, ... }: {
+
   sops.secrets.postgres_keycloak = {
     owner = config.systemd.services.keycloak.serviceConfig.User;
     group = "keycloak";
@@ -24,8 +24,8 @@
         hostname = "keycloak.quitte.tassilo-tanneberger.de";
         http-host = "127.0.0.1";
         http-port = 8000;
-	https-port = 8001;
-	proxy = "edge";
+        https-port = 8001;
+        proxy = "edge";
       };
 
       database = {
@@ -34,30 +34,31 @@
         passwordFile = config.sops.secrets.postgres_keycloak.path;
         name = "keycloak";
         host = "localhost";
-	createLocally = true;
+        createLocally = true;
       };
     };
     postgresql = {
       enable = true;
     };
     nginx = {
-	enable = true;
-      	recommendedProxySettings = true;
-      	virtualHosts = {
-	  "${config.services.keycloak.settings.hostname}" = {
-	    enableACME = true;
-	    forceSSL = true;
-	    http2 = true;
-	    locations = {
-	      "/" = 
-		let
-		  cfg = config.services.keycloak.settings;	
-		in {
- 		proxyPass = "http://${cfg.http-host}:${toString cfg.http-port}";
-	      };
-	    };
-	 };
-       };
+      enable = true;
+      recommendedProxySettings = true;
+      virtualHosts = {
+        "${config.services.keycloak.settings.hostname}" = {
+          enableACME = true;
+          forceSSL = true;
+          http2 = true;
+          locations = {
+            "/" =
+              let
+                cfg = config.services.keycloak.settings;
+              in
+              {
+                proxyPass = "http://${cfg.http-host}:${toString cfg.http-port}";
+              };
+          };
+        };
+      };
     };
   };
 }