diff --git a/hosts/ami/default.nix b/hosts/ami/default.nix index e8ffa08..a03b0a3 100644 --- a/hosts/ami/default.nix +++ b/hosts/ami/default.nix @@ -15,7 +15,6 @@ ./borg.nix ./disk-config.nix ./forgejo.nix - ./keycloak.nix ./murmur.nix ./msmtp.nix ./upgrade.nix diff --git a/hosts/ami/keycloak.nix b/hosts/ami/keycloak.nix deleted file mode 100644 index 368b7f8..0000000 --- a/hosts/ami/keycloak.nix +++ /dev/null @@ -1,42 +0,0 @@ -{ - config, - pkgs, - ... -}: let - port = 11328; -in { - age.secrets.keycloak-db-pass.file = ../../secrets/keycloak-db-pass.age; - - services.keycloak = { - enable = true; - package = pkgs.unstable.keycloak; - database.passwordFile = config.age.secrets.keycloak-db-pass.path; - - settings = { - hostname = "https://kc.buffet.sh/"; - http-port = port; - proxy = "edge"; - hostname-debug = "true"; - }; - }; - - services.nginx = { - enable = true; - - recommendedGzipSettings = true; - recommendedOptimisation = true; - recommendedProxySettings = true; - recommendedTlsSettings = true; - - virtualHosts."kc.buffet.sh" = { - useACMEHost = "buffet.sh"; - forceSSL = true; - - locations = { - "/" = { - proxyPass = "http://localhost:${toString port}"; - }; - }; - }; - }; -} diff --git a/secrets.nix b/secrets.nix index e15fbb6..f478d4d 100644 --- a/secrets.nix +++ b/secrets.nix @@ -4,7 +4,6 @@ in { "secrets/bitwarden.age".publicKeys = [buffet]; "secrets/borgpassword.age".publicKeys = [buffet]; "secrets/hetzner-dns.age".publicKeys = [buffet]; - "secrets/keycloak-db-pass.age".publicKeys = [buffet]; "secrets/kitchen-runner-token.age".publicKeys = [buffet]; "secrets/msmtppassword.age".publicKeys = [buffet]; } diff --git a/secrets/keycloak-db-pass.age b/secrets/keycloak-db-pass.age deleted file mode 100644 index 43ed0d5..0000000 --- a/secrets/keycloak-db-pass.age +++ /dev/null @@ -1,5 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 zRvPWg dBE7+zBtxSbFggJdrs22PDU/rMaVJ8tV6FLPmSwOzA0 -mAmmY0WFFzntI+uVOFaDZixtBPkAflllANFlcupM8sc ---- 8rVOupXTyOinTaMRntA+rBjr2xZ9FT0xzmNQReEZb1Q -Ñr84¦y„ó% Ó„Ñ ÓLkº|½ª®]è~£:œö–‹n¬ëÇÞÂd½mC2£\­‘‘$¯Áör†#‹u°ì•D)PöBàÀm-R¹Ukƒ°0Æ…Cò$`ê|U \ No newline at end of file