jsw/NiksOS
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

server zitadel: init

Browse source
This commit is contained in:
Jurn Wubben 2025-07-20 15:18:39 +02:00
parent 71b64d8edc
commit 7d59f3cdb1
5 changed files with 44 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
secrets/default.nix
View file

@ -36,5 +36,6 @@ in {
# else "root"; # else "root";
file = ./mail-admin.age; file = ./mail-admin.age;
}; };
zitadel.file = ./zitadel.age;
}; };
} }

1
secrets/secrets.nix
View file

@ -20,4 +20,5 @@ in {
"matrix-registration.age".publicKeys = keys; "matrix-registration.age".publicKeys = keys;
"cloudflare-acme.age".publicKeys = keys; "cloudflare-acme.age".publicKeys = keys;
"mail-admin.age".publicKeys = keys; "mail-admin.age".publicKeys = keys;
"zitadel.age".publicKeys = keys;
} }

15
secrets/zitadel.age Normal file
View file

@ -0,0 +1,15 @@
age-encryption.org/v1
-> ssh-ed25519 GQzYWA fz19CbZPbHDcTz3uKZwJPn5ZN4cvl7GcED5eG0D+ElM
HHCdqkDUcqK4Oo+AGp04q3nVJs2KpeIM3ZwKwOsPWYo
-> ssh-ed25519 MfR7VA IXjIOdECEgdKvxs3K2lYVhqHa6IbGYhciFlPamEl9AQ
HVDNbo0Y8rAHy2nUiiP11XKcJ5AdEGhQQt30GCdve1E
-> ssh-ed25519 +cvRTg ipfUrJdALMna/5EQfLzAo28r65e1W62P5FzSxqSkYCI
qzhYJjzB6NsHa0obHsyD3nylsucBcIcWFcJ8g/P1HHo
-> ssh-ed25519 WCPLrA fAWkqW/ucxI8d+92obW2j1X3+FC/HfR32JGl/jEbUwQ
CVxiMB5COMiikBiubXJlzNAmq2KIpiqBUPgks5bD/3Y
-> ssh-ed25519 7/ziYw vdFHVmAee1B7y7dG9JsV0Q5oJAHkARCwcjZAyAzCuRY
8BMNoikJKNPdxxk61A/zgRykiFGgNu7JUCm+Hhdy9Vw
-> ssh-ed25519 VQy60Q SUSqfYDbeljqVLip253DQtxcag48UYVkUQDZ+6mA1n4
j3zzmyOADOQprP8/db/Q8iswQucbjgylpt3s4GnHR2A
--- v9F0L3av1OwiVGZfhdGzM0NCsg9j611ihVaKlmHpdoY
ƺíÊB2Ò•_bw<>2¯Ž°ñ"ér<C3A9>oö¾èc

1
system/server/default.nix
View file

@ -10,6 +10,7 @@
./matrix.nix ./matrix.nix
./seafile.nix ./seafile.nix
./temp.nix ./temp.nix
./zitadel.nix
]; ];
options.niksos.server = lib.mkEnableOption "server servcies (such as caddy)."; #TODO: per service option. options.niksos.server = lib.mkEnableOption "server servcies (such as caddy)."; #TODO: per service option.
} }

26
system/server/zitadel.nix Normal file
View file

@ -0,0 +1,26 @@
{
config,
lib,
...
}: let
ExternalDomain = "z.jsw.tf";
Port = 9000;
in {
config =
lib.mkIf config.niksos.server
{
services.caddy.virtualHosts.${ExternalDomain}.extraConfig = ''
reverse_proxy localhost:${builtins.toString Port}
'';
services.zitadel = {
enable = true;
masterKeyFile = "/etc/default/zitadel";
settings = {
inherit Port ExternalDomain;
ExternalPort = 443;
};
extraSettingsPaths = [config.age.secrets.zitadel.path];
};
};
}