41 lines
984 B
Nix
41 lines
984 B
Nix
|
{ sys, ... }: let stack = "keycloak"; in {
|
||
|
|
home-manager.users."${sys.username}".home.file = {
|
||
|
|
"${stack}" = {
|
||
|
|
enable = true;
|
||
|
|
recursive = true;
|
||
|
|
source = ./.;
|
||
|
|
target = "stacks/${stack}/";
|
||
|
|
};
|
||
|
|
"${stack}/.env" = {
|
||
|
|
enable = true;
|
||
|
|
text = ''
|
||
|
|
APPDATA=${sys.dataDirs.appdata}/${stack}
|
||
|
|
'';
|
||
|
|
target = "stacks/${stack}/.env";
|
||
|
|
};
|
||
|
|
};
|
||
|
|
sops.secrets."${stack}/keycloak" = {
|
||
|
|
sopsFile = ./keycloak.secrets;
|
||
|
|
key = "";
|
||
|
|
mode = "0440";
|
||
|
|
owner = sys.username;
|
||
|
|
};
|
||
|
|
sops.secrets."${stack}/postgres" = {
|
||
|
|
sopsFile = ./postgres.secrets;
|
||
|
|
key = "";
|
||
|
|
mode = "0440";
|
||
|
|
owner = sys.username;
|
||
|
|
};
|
||
|
|
sops.secrets."${stack}/forwardauth" = {
|
||
|
|
sopsFile = ./forwardauth.secrets;
|
||
|
|
key = "";
|
||
|
|
mode = "0440";
|
||
|
|
owner = sys.username;
|
||
|
|
};
|
||
|
|
sops.secrets."${stack}/forwardauth-privileged" = {
|
||
|
|
sopsFile = ./forwardauth-privileged.secrets;
|
||
|
|
key = "";
|
||
|
|
mode = "0440";
|
||
|
|
owner = sys.username;
|
||
|
|
};
|
||
|
|
}
|