raphael/nixos
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(self_host/sso): adding the images to the kanidm

Browse source
This commit is contained in:
Raphael 2025-12-25 01:24:35 +01:00
parent 655235c6ba
commit 2ca39ee7c9
No known key found for this signature in database
1 changed files with 29 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

33
services/self_host/sso.nix
View file

@ -9,6 +9,22 @@ let
cfg = config.service.selfhost.sso; cfg = config.service.selfhost.sso;
kanidm-admin = config.age.secrets."kanidm-admin".path; kanidm-admin = config.age.secrets."kanidm-admin".path;
kanidm-idmAdmin = config.age.secrets."kanidm-idmAdmin".path; kanidm-idmAdmin = config.age.secrets."kanidm-idmAdmin".path;
imagesDir = "/user/share/kanidm/assets";
kanidmLogo = pkgs.fetchurl {
url = "https://raw.githubusercontent.com/doc-sheet/forgejo/refs/heads/forgejo/assets/logo.svg";
name = "kanidm.svg";
sha256 = "sha256-rP7aZURtHBfF2OYuGLcKZhbvIN+B596T/3kaOxHUvig=";
};
grafanaLogo = pkgs.fetchurl {
url = "https://upload.wikimedia.org/wikipedia/commons/a/a1/Grafana_logo.svg";
name = "grafana.svg";
sha256 = "sha256-UjE6ArLCa52o3XGUmpqPoakbEOeFi+zfsnATi1FtWmQ=";
};
nextcloudLogo = pkgs.fetchurl {
url = "https://upload.wikimedia.org/wikipedia/commons/6/60/Nextcloud_Logo.svg";
name = "nextcloud.svg";
sha256 = "sha256-hL51zJkFxUys1CoM8yUxiH8BDw111wh3Qv7eTLm+XYo=";
};
in in
{ {
config = lib.mkIf cfg { config = lib.mkIf cfg {
@ -48,6 +64,7 @@ in
]; ];
groups = [ groups = [
"grafana_superadmins" "grafana_superadmins"
"forgejo_admins"
"nextcloud_user" "nextcloud_user"
]; ];
}; };
@ -62,7 +79,13 @@ in
grafana_editors = { grafana_editors = {
present = true; present = true;
}; };
grafana_user = { grafana_users = {
present = true;
};
forgejo_admins = {
present = true;
};
forgejo_users = {
present = true; present = true;
}; };
nextcloud_user = { nextcloud_user = {
@ -112,6 +135,7 @@ in
grafana = { grafana = {
present = true; present = true;
displayName = "Grafana"; displayName = "Grafana";
imageFile = grafanaLogo;
originUrl = "https://monitor.enium.eu"; originUrl = "https://monitor.enium.eu";
originLanding = "https://monitor.enium.eu/login/generic_oauth"; originLanding = "https://monitor.enium.eu/login/generic_oauth";
basicSecretFile = config.age.secrets.grafana-oidc-secret.path; basicSecretFile = config.age.secrets.grafana-oidc-secret.path;
@ -138,7 +162,7 @@ in
"profile" "profile"
"groups" "groups"
]; ];
grafana_user = [ grafana_users = [
"email" "email"
"openid" "openid"
"profile" "profile"
@ -158,8 +182,8 @@ in
grafana_editors = [ grafana_editors = [
"grafana_editors" "grafana_editors"
]; ];
grafana_user = [ grafana_users = [
"grafana_user" "grafana_users"
]; ];
}; };
}; };
@ -168,6 +192,7 @@ in
nextcloud = { nextcloud = {
present = true; present = true;
displayName = "Nextcloud"; displayName = "Nextcloud";
imageFile = nextcloudLogo;
originUrl = "https://nextcloud.enium.eu"; originUrl = "https://nextcloud.enium.eu";
originLanding = "https://nextcloud.enium.eu/login"; originLanding = "https://nextcloud.enium.eu/login";
basicSecretFile = config.age.secrets.nextcloud-oidc-secret.path; basicSecretFile = config.age.secrets.nextcloud-oidc-secret.path;