feat: working authelia with gitea
This commit is contained in:
parent
bf62c91c80
commit
f20a32ab6c
GPG key ID:
451F95EFB8BECD0F
|
|
@ -26,7 +26,9 @@
|
|||
./guests.nix
|
||||
];
|
||||
services.xserver = {
|
||||
layout = "de";
|
||||
xkbVariant = "bone";
|
||||
xkb = {
|
||||
layout = "de";
|
||||
variant = "bone";
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
|||
|
|
@ -0,0 +1 @@
|
|||
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDfJQBQg5BlE03TZw3MLGGPK/YjYqR59OpYOEsvJX3u3
|
||||
|
|
@ -74,6 +74,13 @@ in {
|
|||
email = "patrick@${config.secrets.secrets.global.domains.mail_public}";
|
||||
groups = ["admin" "forgejo_admin"];
|
||||
};
|
||||
users.test = {
|
||||
disabled = false;
|
||||
displayname = "Test";
|
||||
password = "$argon2id$v=19$m=4096,t=3,p=1$cmJuaWJldGRheA$kG4NCJRryXTCe/8Jc2/BBnEmlWSRwq4pZG7LH7fKs/o";
|
||||
email = "test@${config.secrets.secrets.global.domains.mail_public}";
|
||||
groups = [];
|
||||
};
|
||||
});
|
||||
};
|
||||
};
|
||||
|
|
|
|||
|
|
@ -84,10 +84,8 @@ in {
|
|||
SEND_AS_PLAIN_TEXT = true;
|
||||
};
|
||||
oauth2_client = {
|
||||
ACCOUNT_LINKING = "auto";
|
||||
USERNAME = "userid";
|
||||
ACCOUNT_LINKING = "login";
|
||||
ENABLE_AUTO_REGISTRATION = true;
|
||||
OPENID_CONNECT_SCOPES = "email profile";
|
||||
REGISTER_EMAIL_CONFIRM = false;
|
||||
UPDATE_AVATAR = true;
|
||||
};
|
||||
|
|
@ -110,7 +108,7 @@ in {
|
|||
};
|
||||
service = {
|
||||
DISABLE_REGISTRATION = false;
|
||||
SHOW_REGISTRATION_BUTTON = false;
|
||||
SHOW_REGISTRATION_BUTTON = true;
|
||||
REGISTER_EMAIL_CONFIRM = false;
|
||||
ENABLE_NOTIFY_MAIL = true;
|
||||
DEFAULT_KEEP_EMAIL_PRIVATE = true;
|
||||
|
|
@ -145,6 +143,12 @@ in {
|
|||
"https://auth.${config.secrets.secrets.global.domains.web}/.well-known/openid-configuration"
|
||||
"--required-claim-name"
|
||||
"groups"
|
||||
"--scopes"
|
||||
"email"
|
||||
"--scopes"
|
||||
"profile"
|
||||
"--scopes"
|
||||
"groups"
|
||||
"--group-claim-name"
|
||||
"groups"
|
||||
"--admin-group"
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@
|
|||
age.secrets.spotify = {
|
||||
owner = "your_spotify";
|
||||
mode = "440";
|
||||
rekeyFile = ../../secrets/your_spotify.age;
|
||||
rekeyFile = "${config.node.secretsDir}/yourspotify.age";
|
||||
};
|
||||
services.your_spotify = {
|
||||
#enable = true;
|
||||
|
|
|
|||
|
|
@ -7,30 +7,26 @@
|
|||
lib,
|
||||
callPackage,
|
||||
}: let
|
||||
version = "1.7.3";
|
||||
src_o = fetchFromGitHub {
|
||||
version = "1.8.0";
|
||||
src = fetchFromGitHub {
|
||||
owner = "Yooooomi";
|
||||
repo = "your_spotify";
|
||||
rev = "refs/tags/${version}";
|
||||
hash = "sha256-/0xKktywwGcqsuwLytWBJ3O6ADHg1nP6BdMRlkW5ErY=";
|
||||
hash = "sha256-umm7J5ADY2fl+tjs6Qeda5MX2P55u0eCqwW+DWLK8Kc=";
|
||||
};
|
||||
client = callPackage ./your_spotify_client.nix {inherit src_o version;};
|
||||
client = callPackage ./your_spotify_client.nix {inherit src version;};
|
||||
in
|
||||
mkYarnPackage rec {
|
||||
inherit version;
|
||||
inherit version src;
|
||||
pname = "your_spotify";
|
||||
src = "${src_o}/server";
|
||||
offlineCache = fetchYarnDeps {
|
||||
yarnLock = src + "/yarn.lock";
|
||||
hash = "sha256-3ZK+p3RoHHjPu53MLGSho7lEroZ77vUrZ2CjDwIUQTs=";
|
||||
hash = "sha256-pj6owoEPx9gdtFvXF8E89A+Thhe/7m0+OJU6Ttc6ooA=";
|
||||
};
|
||||
postPatch = ''
|
||||
substituteInPlace tsconfig.json --replace-quiet '"extends": "../tsconfig.json",' ""
|
||||
'';
|
||||
buildPhase = ''
|
||||
runHook preBuild
|
||||
pushd ./deps/server
|
||||
yarn --offline run build
|
||||
pushd ./deps/@your_spotify/root/apps/server/
|
||||
yarn --offline --production
|
||||
popd
|
||||
runHook postBuild
|
||||
'';
|
||||
|
|
@ -38,7 +34,7 @@ in
|
|||
installPhase = ''
|
||||
mkdir -p $out
|
||||
cp -r $node_modules $out/node_modules
|
||||
cp -r ./deps/server/{lib,package.json} $out
|
||||
cp -r ./deps/your_spotify/apps/server/{lib,package.json} $out
|
||||
mkdir -p $out/bin
|
||||
makeWrapper ${lib.escapeShellArg (lib.getExe nodejs)} "$out/bin/your_spotify_migrate" \
|
||||
--add-flags "$out/lib/migrations.js"
|
||||
|
|
|
|||
|
|
@ -3,23 +3,20 @@
|
|||
makeWrapper,
|
||||
fetchYarnDeps,
|
||||
apiEndpoint ? "localhost:8080",
|
||||
src_o,
|
||||
src,
|
||||
version,
|
||||
}:
|
||||
mkYarnPackage rec {
|
||||
inherit version;
|
||||
inherit version src;
|
||||
pname = "your_spotify_client";
|
||||
src = "${src_o}/client";
|
||||
offlineCache = fetchYarnDeps {
|
||||
yarnLock = src + "/yarn.lock";
|
||||
hash = "sha256-9UfRVv7M9311lesnr19oThYnzB9cK23XNZejJY/Fd24=";
|
||||
hash = "sha256-pj6owoEPx9gdtFvXF8E89A+Thhe/7m0+OJU6Ttc6ooA=";
|
||||
};
|
||||
postPatch = ''
|
||||
substituteInPlace tsconfig.json --replace-quiet '"extends": "../tsconfig.json",' ""
|
||||
'';
|
||||
buildPhase = ''
|
||||
runHook preBuild
|
||||
pushd ./deps/client_ts
|
||||
pushd ./deps/@your_spotify/root/apps/client/
|
||||
pwd
|
||||
yarn --offline run build
|
||||
popd
|
||||
runHook postBuild
|
||||
|
|
@ -27,7 +24,7 @@ mkYarnPackage rec {
|
|||
nativeBuildInputs = [makeWrapper];
|
||||
installPhase = ''
|
||||
mkdir -p $out
|
||||
cp -r ./deps/client_ts/build/* $out
|
||||
cp -r ./deps/your_spotify/apps/client/build/* $out
|
||||
substituteInPlace $out/variables-template.js --replace-quiet '__API_ENDPOINT__' "${apiEndpoint}"
|
||||
mv $out/variables-template.js $out/variables.js
|
||||
'';
|
||||
|
|
|
|||
Loading…
Reference in a new issue