nix-config/microvms/auth/keycloak.nix

18 lines
443 B
Nix

{ config, ... }:
{
services.keycloak = {
enable = true;
database = {
type = "postgresql";
createLocally = true;
passwordFile = config.sops.secrets."keycloak/db_pass".path;
};
settings = {
hostname = "https://auth.oxapentane.com";
http-port = 38080;
http-enabled = true;
proxy-headers = "xforwarded";
proxy-trusted-addresses = "10.89.88.0/24,fd31:185d:722f::/48";
};
};
}