server zitadel: init

2025-07-20 15:18:39 +02:00 · 2025-07-20 15:18:39 +02:00 · 7d59f3cdb1
commit 7d59f3cdb1
parent 71b64d8edc
5 changed files with 44 additions and 0 deletions
--- a/system/server/zitadel.nix
+++ b/system/server/zitadel.nix
@ -0,0 +1,26 @@
+{
+  config,
+  lib,
+  ...
+}: let
+  ExternalDomain = "z.jsw.tf";
+  Port = 9000;
+in {
+  config =
+    lib.mkIf config.niksos.server
+    {
+      services.caddy.virtualHosts.${ExternalDomain}.extraConfig = ''
+        reverse_proxy localhost:${builtins.toString Port}
+      '';
+
+      services.zitadel = {
+        enable = true;
+        masterKeyFile = "/etc/default/zitadel";
+        settings = {
+          inherit Port ExternalDomain;
+          ExternalPort = 443;
+        };
+        extraSettingsPaths = [config.age.secrets.zitadel.path];
+      };
+    };
+}