Merge pull request 'Remove keycloak' (#10) from remove-keycloak into main

Reviewed-on: #10

hosts/ami/default.nix

@@ -15,7 +15,6 @@
     ./borg.nix
     ./disk-config.nix
     ./forgejo.nix
-    ./keycloak.nix
     ./murmur.nix
     ./msmtp.nix
     ./upgrade.nix

hosts/ami/keycloak.nix

@@ -1,42 +0,0 @@
-{
-  config,
-  pkgs,
-  ...
-}: let
-  port = 11328;
-in {
-  age.secrets.keycloak-db-pass.file = ../../secrets/keycloak-db-pass.age;
-
-  services.keycloak = {
-    enable = true;
-    package = pkgs.unstable.keycloak;
-    database.passwordFile = config.age.secrets.keycloak-db-pass.path;
-
-    settings = {
-      hostname = "https://kc.buffet.sh/";
-      http-port = port;
-      proxy = "edge";
-      hostname-debug = "true";
-    };
-  };
-
-  services.nginx = {
-    enable = true;
-
-    recommendedGzipSettings = true;
-    recommendedOptimisation = true;
-    recommendedProxySettings = true;
-    recommendedTlsSettings = true;
-
-    virtualHosts."kc.buffet.sh" = {
-      useACMEHost = "buffet.sh";
-      forceSSL = true;
-
-      locations = {
-        "/" = {
-          proxyPass = "http://localhost:${toString port}";
-        };
-      };
-    };
-  };
-}

secrets.nix

@@ -4,7 +4,6 @@ in {
   "secrets/bitwarden.age".publicKeys = [buffet];
   "secrets/borgpassword.age".publicKeys = [buffet];
   "secrets/hetzner-dns.age".publicKeys = [buffet];
-  "secrets/keycloak-db-pass.age".publicKeys = [buffet];
   "secrets/kitchen-runner-token.age".publicKeys = [buffet];
   "secrets/msmtppassword.age".publicKeys = [buffet];
 }

secrets/keycloak-db-pass.age

@@ -1,5 +0,0 @@
-age-encryption.org/v1
--> ssh-ed25519 zRvPWg dBE7+zBtxSbFggJdrs22PDU/rMaVJ8tV6FLPmSwOzA0
-mAmmY0WFFzntI+uVOFaDZixtBPkAflllANFlcupM8sc
---- 8rVOupXTyOinTaMRntA+rBjr2xZ9FT0xzmNQReEZb1Q
-Ñr84¦y„ó%	Ó„ÑÓLkº|½ª®]è~£:œö–‹n¬ëÇÞÂd½mC2£\­‘‘$¯Áör†#‹u°ì•D)PöBàÀm-R¹Ukƒ°0Æ…Cò$`ê|U