hosts/marvin/services/pocket-id.nix at dd2f1614f985d05aa779b4a3cf4f8cf8ac7730a4 · pyrox.dev/nix

pyrox.dev / nix

My Nix Configuration

nix / hosts / marvin / services / pocket-id.nix

at dd2f1614f985d05aa779b4a3cf4f8cf8ac7730a4 1.1 kB view raw

 1{
 2  config,
 3  self,
 4  ...
 5}:
 6let
 7  d = self.lib.data.services.pocket-id;
 8in
 9{
10  services.pocket-id = {
11    enable = true;
12    environmentFile = config.age.secrets.pocket-id-secrets.path;
13    settings = {
14      APP_URL = "https://${d.extUrl}";
15      TRUST_PROXY = true;
16      UPDATE_CHECK_DISABLED = true;
17      PORT = d.port;
18
19      # Frontend Config
20      UI_CONFIG_DISABLED = true;
21      APP_NAME = "dishNet Auth";
22      SESSION_DURATION = 120;
23      EMAILS_VERIFIED = true;
24      ALLOW_OWN_ACCOUNT_EDIT = true;
25      DISABLE_ANIMATIONS = true;
26      SMTP_HOST = "mail.pyrox.dev";
27      SMTP_PORT = 465;
28      SMTP_FROM = "auth@pyrox.dev";
29      SMTP_USER = "auth@pyrox.dev";
30      SMTP_TLS = "tls";
31      SMTP_SKIP_CERT_VERIFY = false;
32      LDAP_ENABLED = false;
33    };
34  };
35
36  age.secrets.pocket-id-secrets = {
37    file = ./secrets/pocket-id-secrets.age;
38    owner = "pocket-id";
39    group = "pocket-id";
40  };
41  services.anubis.instances = {
42    pocket-id = {
43      settings = {
44        BIND = ":${toString d.anubis}";
45        TARGET = "http://localhost:${toString d.port}";
46      };
47    };
48  };
49}