NiksOS/system/server/coder.nix


{
  config,
  lib,
  pkgs,
  ...
}: let
  inherit (config.niksos) server;
  inherit (config.services.coder) user;

  # Coder itself binds to loopback only; Caddy owns the public name, terminates
  # TLS and forwards to this port.
  port = 9005;
  portStr = toString port;
  host = "coder.jsw.tf";
  publicUrl = "https://${host}";
in {
  config = lib.mkIf server {
    #TODO: start = after caddy + zitadel + network

    # Podman with the Docker-compatible socket, so the coder service user can
    # drive the container runtime for workspaces. Membership in the podman
    # group grants control over that socket, which amounts to root-equivalent
    # access on the host; treat the coder user as a privileged identity.
    virtualisation.podman = {
      enable = true;
      dockerCompat = true;
      dockerSocket.enable = true;
      autoPrune.enable = true;
    };
    users.groups.podman.members = [user];

    # Only the bare hostname is proxied. `wildcardAccessUrl` below advertises
    # *.${host}, which this vhost does not match, so subdomain-based workspace
    # apps / port forwarding will not reach coder until a wildcard vhost (with a
    # wildcard certificate) is added here.
    services.caddy.virtualHosts.${host}.extraConfig = ''
      reverse_proxy :${portStr}
    '';

    services.coder = {
      enable = true;
      listenAddress = "127.0.0.1:${portStr}";
      accessUrl = publicUrl;
      wildcardAccessUrl = "*.${host}";
      environment = {
        # OIDC client credentials are read from the agenix-managed file and
        # never land in the Nix store. Expected contents:
        #   CODER_OIDC_CLIENT_ID=""
        #   CODER_OIDC_CLIENT_SECRET=""
        file = config.age.secrets.coder-env.path;
        extra = {
          # Local password login is disabled, so the OIDC issuer below is the
          # only way in (including for the initial admin); an issuer outage
          # locks everyone out.
          CODER_DISABLE_PASSWORD_AUTH = "true";
          # GitHub OAuth is neither the default provider nor open for signups.
          CODER_OAUTH2_GITHUB_ALLOW_SIGNUPS = "false";
          CODER_OAUTH2_GITHUB_DEFAULT_PROVIDER_ENABLE = "false";
          CODER_OIDC_ISSUER_URL = "https://z.jsw.tf";
          CODER_OIDC_SIGN_IN_TEXT = "Sign in with JSW-Auth";
          CODER_OIDC_ICON_URL = "https://"; #FIXME: icon
          # No email-domain allowlist is set, so which accounts may sign in is
          # left entirely to the issuer's own policy.
          # CODER_OIDC_EMAIL_DOMAIN="your-domain-1,your-domain-2";
        };
      };
    };
  };
}