21 lines
473 B
Nix
21 lines
473 B
Nix
{ config, ... }:
|
|
let
|
|
domain = "idm.${config.networking.domain}";
|
|
in
|
|
{
|
|
sops.secrets."authentik/core" = { };
|
|
sops.secrets."authentik/ldap" = { };
|
|
services.authentik = {
|
|
enable = true;
|
|
nginx = {
|
|
enable = true;
|
|
host = domain;
|
|
enableACME = true;
|
|
};
|
|
environmentFile = config.sops.secrets."authentik/core".path;
|
|
};
|
|
services.authentik-ldap = {
|
|
enable = true;
|
|
environmentFile = config.sops.secrets."authentik/ldap".path;
|
|
};
|
|
}
|