From b4d756770ec506f13b07fdf3f41ab3e0184148cd Mon Sep 17 00:00:00 2001 From: buffet Date: Sat, 25 May 2024 18:03:02 +0200 Subject: [PATCH 1/2] Revert "Merge pull request 'feat: temporarily enable hostname debug' (#9) from kc-hostname-debug into main" This reverts commit b5111a469605b51499adf905d755d932ee8a0828, reversing changes made to ec511d5c22bc3f999747ef8c3e31e795df67d422. --- hosts/ami/keycloak.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/hosts/ami/keycloak.nix b/hosts/ami/keycloak.nix index 368b7f8..d214a9f 100644 --- a/hosts/ami/keycloak.nix +++ b/hosts/ami/keycloak.nix @@ -16,7 +16,6 @@ in { hostname = "https://kc.buffet.sh/"; http-port = port; proxy = "edge"; - hostname-debug = "true"; }; }; From 4f524003962c449f63bd41cf7e0f06b1b4593008 Mon Sep 17 00:00:00 2001 From: buffet Date: Sat, 25 May 2024 18:08:12 +0200 Subject: [PATCH 2/2] Revert "Merge pull request 'feat: setup keycloak' (#7) from setup-keycloak into main" This reverts commit ea6bbee518e6fcda7be210ac122654c622d704fa, reversing changes made to 876c0b8e4db18ad61bb6a6293ff29cd4a42b0762. --- hosts/ami/default.nix | 1 - hosts/ami/keycloak.nix | 41 ------------------------------------ secrets.nix | 1 - secrets/keycloak-db-pass.age | 5 ----- 4 files changed, 48 deletions(-) delete mode 100644 hosts/ami/keycloak.nix delete mode 100644 secrets/keycloak-db-pass.age diff --git a/hosts/ami/default.nix b/hosts/ami/default.nix index e8ffa08..a03b0a3 100644 --- a/hosts/ami/default.nix +++ b/hosts/ami/default.nix @@ -15,7 +15,6 @@ ./borg.nix ./disk-config.nix ./forgejo.nix - ./keycloak.nix ./murmur.nix ./msmtp.nix ./upgrade.nix diff --git a/hosts/ami/keycloak.nix b/hosts/ami/keycloak.nix deleted file mode 100644 index d214a9f..0000000 --- a/hosts/ami/keycloak.nix +++ /dev/null @@ -1,41 +0,0 @@ -{ - config, - pkgs, - ... -}: let - port = 11328; -in { - age.secrets.keycloak-db-pass.file = ../../secrets/keycloak-db-pass.age; - - services.keycloak = { - enable = true; - package = pkgs.unstable.keycloak; - database.passwordFile = config.age.secrets.keycloak-db-pass.path; - - settings = { - hostname = "https://kc.buffet.sh/"; - http-port = port; - proxy = "edge"; - }; - }; - - services.nginx = { - enable = true; - - recommendedGzipSettings = true; - recommendedOptimisation = true; - recommendedProxySettings = true; - recommendedTlsSettings = true; - - virtualHosts."kc.buffet.sh" = { - useACMEHost = "buffet.sh"; - forceSSL = true; - - locations = { - "/" = { - proxyPass = "http://localhost:${toString port}"; - }; - }; - }; - }; -} diff --git a/secrets.nix b/secrets.nix index e15fbb6..f478d4d 100644 --- a/secrets.nix +++ b/secrets.nix @@ -4,7 +4,6 @@ in { "secrets/bitwarden.age".publicKeys = [buffet]; "secrets/borgpassword.age".publicKeys = [buffet]; "secrets/hetzner-dns.age".publicKeys = [buffet]; - "secrets/keycloak-db-pass.age".publicKeys = [buffet]; "secrets/kitchen-runner-token.age".publicKeys = [buffet]; "secrets/msmtppassword.age".publicKeys = [buffet]; } diff --git a/secrets/keycloak-db-pass.age b/secrets/keycloak-db-pass.age deleted file mode 100644 index 43ed0d5..0000000 --- a/secrets/keycloak-db-pass.age +++ /dev/null @@ -1,5 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 zRvPWg dBE7+zBtxSbFggJdrs22PDU/rMaVJ8tV6FLPmSwOzA0 -mAmmY0WFFzntI+uVOFaDZixtBPkAflllANFlcupM8sc ---- 8rVOupXTyOinTaMRntA+rBjr2xZ9FT0xzmNQReEZb1Q -Ñr84¦y„ó% Ó„Ñ ÓLkº|½ª®]è~£:œö–‹n¬ëÇÞÂd½mC2£\­‘‘$¯Áör†#‹u°ì•D)PöBàÀm-R¹Ukƒ°0Æ…Cò$`ê|U \ No newline at end of file