Take the outpost token as a file

niten 2024-05-28 10:41:07 -07:00
parent 3d7f530989
commit 22bc427ef4
1 changed files with 5 additions and 3 deletions


@ -19,6 +19,7 @@ in {
image = mkOption { image = mkOption {
type = str; type = str;
description = "Authentik LDAP outpost Docker image."; description = "Authentik LDAP outpost Docker image.";
default = "ghcr.io/goauthentik/ldap:latest";
}; };
domain = mkOption { domain = mkOption {
@ -33,9 +34,10 @@ in {
default = "authentik.${toplevel.config.fudo.mail.primary-domain}"; default = "authentik.${toplevel.config.fudo.mail.primary-domain}";
}; };
outpost-token = mkOption { outpost-token-file = mkOption {
type = str; type = str;
description = "Token with which to authenticate to the Authentik host."; description =
"File containing token with which to authenticate to the Authentik host.";
}; };
bind-dn = mkOption { bind-dn = mkOption {
@ -117,7 +119,7 @@ in {
source-file = pkgs.writeText "paris-ldap-proxy.env" source-file = pkgs.writeText "paris-ldap-proxy.env"
(concatStringsSep "\n" [ (concatStringsSep "\n" [
"AUTHENTIK_HOST=${cfg.ldap.authentik-host}" "AUTHENTIK_HOST=${cfg.ldap.authentik-host}"
"AUTHENTIK_TOKEN=${cfg.ldap.outpost-token}" "AUTHENTIK_TOKEN=${readFile cfg.ldap.outpost-token-file}"
"AUTHENTIK_INSECURE=false" "AUTHENTIK_INSECURE=false"
]); ]);
target-file = "/run/paris/ldap.env"; target-file = "/run/paris/ldap.env";
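Review bot: The token still ends up in the Nix store: in the last hunk `readFile cfg.ldap.outpost-token-file` runs at evaluation time and its result is passed to `pkgs.writeText`, so `paris-ldap-proxy.env` becomes a world-readable store path holding `AUTHENTIK_TOKEN` in plaintext, exactly as with the old string option. `readFile` also keeps the file's trailing newline, and with `type = str` the path must be readable by whoever evaluates the configuration. To keep the secret out of the store, the env file would have to be assembled at activation or service start from the token file's path instead of being interpolated into a derivation. How the consumer of `source-file`/`target-file` handles the file is not visible in this hunk, so confirm whether it can accept a runtime path. Separately, the new default `ghcr.io/goauthentik/ldap:latest` in the first hunk is a mutable tag; pinning a version or digest keeps the outpost matched to the Authentik server and makes deployments reproducible.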