depot/cluster/services/sso/default.nix

{ config, depot, ... }:

{
  services.sso = {
    nodes = {
      host = [ "VEGAS" ];
      oauth2-proxy = [ "VEGAS" ];
    };
    nixos = {
      host = ./host.nix;
      oauth2-proxy = ./oauth2-proxy.nix;
    };
  };

  dns.records = let
    ssoAddr = [ depot.hours.VEGAS.interfaces.primary.addrPublic ];
  in {
    login.target = ssoAddr;
    account.target = ssoAddr;
  };

  patroni = config.lib.forService "sso" {
    databases.keycloak = {};
    users.keycloak.locksmith = {
      nodes = config.services.sso.nodes.host;
      format = "raw";
    };
  };
}
cluster/services/sso: use patroni incandescence 2024-08-28 18:01:41 +03:00			`{ config, depot, ... }:`
cluster/services/sso: init 2023-12-04 00:53:10 +02:00
			`{`
cluster/services/sso: move from VEGAS/sso 2024-07-21 00:04:19 +03:00			`services.sso = {`
cluster/services/sso: integrate VEGAS/oauth2-proxy 2024-07-23 20:13:56 +03:00			`nodes = {`
			`host = [ "VEGAS" ];`
			`oauth2-proxy = [ "VEGAS" ];`
			`};`
			`nixos = {`
			`host = ./host.nix;`
			`oauth2-proxy = ./oauth2-proxy.nix;`
			`};`
cluster/services/sso: move from VEGAS/sso 2024-07-21 00:04:19 +03:00			`};`

cluster/services/sso: init 2023-12-04 00:53:10 +02:00			`dns.records = let`
			`ssoAddr = [ depot.hours.VEGAS.interfaces.primary.addrPublic ];`
			`in {`
			`login.target = ssoAddr;`
			`account.target = ssoAddr;`
			`};`
cluster/services/sso: use patroni incandescence 2024-08-28 18:01:41 +03:00
			`patroni = config.lib.forService "sso" {`
			`databases.keycloak = {};`
			`users.keycloak.locksmith = {`
			`nodes = config.services.sso.nodes.host;`
			`format = "raw";`
			`};`
			`};`
cluster/services/sso: init 2023-12-04 00:53:10 +02:00			`}`