54 lines
1.4 KiB
Nix
54 lines
1.4 KiB
Nix
{
|
|
config,
|
|
self,
|
|
...
|
|
}:
|
|
let
|
|
domain = "outline.vimium.com";
|
|
in
|
|
{
|
|
nixpkgs.config.allowUnfree = true;
|
|
|
|
services.nginx.virtualHosts = {
|
|
"${domain}" = {
|
|
forceSSL = true;
|
|
enableACME = true;
|
|
locations."/" = {
|
|
proxyPass = "http://127.0.0.1:3000";
|
|
extraConfig = ''
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection "Upgrade";
|
|
proxy_set_header Host $host;
|
|
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Scheme $scheme;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_redirect off;
|
|
'';
|
|
};
|
|
};
|
|
};
|
|
|
|
age.secrets."passwords/services/outline/oidc-client-secret" = {
|
|
file = "${self.inputs.secrets}/passwords/services/outline/oidc-client-secret.age";
|
|
owner = "outline";
|
|
group = "outline";
|
|
};
|
|
|
|
services.outline = {
|
|
enable = true;
|
|
forceHttps = false;
|
|
oidcAuthentication = {
|
|
clientId = "outline";
|
|
clientSecretFile = config.age.secrets."passwords/services/outline/oidc-client-secret".path;
|
|
displayName = "Vimium";
|
|
authUrl = "https://auth.vimium.com/ui/oauth2";
|
|
tokenUrl = "https://auth.vimium.com/oauth2/token";
|
|
userinfoUrl = "https://auth.vimium.com/oauth2/openid/outline/userinfo";
|
|
};
|
|
publicUrl = "https://${domain}";
|
|
storage.storageType = "local";
|
|
};
|
|
}
|