45 lines
1.3 KiB
Nix
45 lines
1.3 KiB
Nix
{config, ...}: let
|
|
vars = import ../../../../vars.nix;
|
|
in {
|
|
virtualisation.arion = {
|
|
projects.auth.settings = {
|
|
imports = [./arion-compose.nix];
|
|
};
|
|
};
|
|
|
|
sops.secrets."auth/postgres_db" = {
|
|
owner = vars.user;
|
|
};
|
|
sops.secrets."auth/postgres_user" = {
|
|
owner = vars.user;
|
|
};
|
|
sops.secrets."auth/postgres_pw" = {
|
|
owner = vars.user;
|
|
};
|
|
sops.secrets."auth/authentik_secret_key" = {
|
|
owner = vars.user;
|
|
};
|
|
|
|
sops.templates."auth-postgres.env" = {
|
|
path = "/home/${vars.user}/.docker/auth/postgres.env";
|
|
owner = vars.user;
|
|
mode = "0775";
|
|
content = ''
|
|
POSTGRES_PASSWORD="${config.sops.placeholder."auth/postgres_pw"}"
|
|
POSTGRES_USER="${config.sops.placeholder."auth/postgres_user"}"
|
|
POSTGRES_DB="${config.sops.placeholder."auth/postgres_db"}"
|
|
'';
|
|
};
|
|
|
|
sops.templates."auth-authentik.env" = {
|
|
path = "/home/${vars.user}/.docker/auth/authentik.env";
|
|
owner = vars.user;
|
|
mode = "0775";
|
|
content = ''
|
|
AUTHENTIK_POSTGRESQL__PASSWORD="${config.sops.placeholder."auth/postgres_pw"}"
|
|
AUTHENTIK_POSTGRESQL__USER="${config.sops.placeholder."auth/postgres_user"}"
|
|
AUTHENTIK_POSTGRESQL__NAME="${config.sops.placeholder."auth/postgres_db"}"
|
|
AUTHENTIK_SECRET_KEY="${config.sops.placeholder."auth/authentik_secret_key"}"
|
|
'';
|
|
};
|
|
}
|