···
AUTH_ANONYMOUS_ENABLED = boolToString cfg.auth.anonymous.enable;
AUTH_ANONYMOUS_ORG_NAME = cfg.auth.anonymous.org_name;
AUTH_ANONYMOUS_ORG_ROLE = cfg.auth.anonymous.org_role;
45
+
AUTH_GOOGLE_ENABLED = boolToString cfg.auth.google.enable;
46
+
AUTH_GOOGLE_ALLOW_SIGN_UP = boolToString cfg.auth.google.allowSignUp;
47
+
AUTH_GOOGLE_CLIENT_ID = cfg.auth.google.clientId;
ANALYTICS_REPORTING_ENABLED = boolToString cfg.analytics.reporting.enable;
···
532
-
enable = mkOption {
533
-
description = "Whether to allow anonymous access.";
536
+
enable = mkOption {
537
+
description = "Whether to allow anonymous access.";
541
+
org_name = mkOption {
542
+
description = "Which organization to allow anonymous access to.";
543
+
default = "Main Org.";
546
+
org_role = mkOption {
547
+
description = "Which role anonymous users have in the organization.";
548
+
default = "Viewer";
537
-
org_name = mkOption {
538
-
description = "Which organization to allow anonymous access to.";
539
-
default = "Main Org.";
542
-
org_role = mkOption {
543
-
description = "Which role anonymous users have in the organization.";
544
-
default = "Viewer";
553
+
enable = mkOption {
554
+
description = "Whether to allow Google OAuth2.";
558
+
allowSignUp = mkOption {
559
+
description = "Whether to allow sign up with Google OAuth2.";
563
+
clientId = mkOption {
564
+
description = "Google OAuth2 client ID.";
568
+
clientSecretFile = mkOption {
569
+
description = "Google OAuth2 client secret.";
571
+
type = types.nullOr types.path;
···
QT_QPA_PLATFORM = "offscreen";
} // mapAttrs' (n: v: nameValuePair "GF_${n}" (toString v)) envOptions;
638
+
${optionalString (cfg.auth.google.clientSecretFile != null) ''
639
+
export GF_AUTH_GOOGLE_CLIENT_SECRET="$(cat ${escapeShellArg cfg.auth.google.clientSecretFile})"
${optionalString (cfg.database.passwordFile != null) ''
export GF_DATABASE_PASSWORD="$(cat ${escapeShellArg cfg.database.passwordFile})"
pyrox.dev