about summary refs log tree commit diff
diff options
context:
space:
mode:
authorsefidel <contact@sefidel.net>2024-02-19 20:26:18 +0900
committersefidel <contact@sefidel.net>2024-02-19 20:26:18 +0900
commit8e119c73d272e31b548f9bc047e88082a93eac07 (patch)
treeb9e5e2703c33dad8aa944540f1ee5ba3848f9bb6
parentb87d8f473020d1495bbaf42976d96c5c589c88ff (diff)
downloadinfra-8e119c73d272e31b548f9bc047e88082a93eac07.tar.gz
infra-8e119c73d272e31b548f9bc047e88082a93eac07.zip
feat(systems/cobalt): configure OAuth for akkoma
-rw-r--r--systems/cobalt/default.nix4
-rw-r--r--systems/cobalt/secrets/secrets.yaml5
2 files changed, 7 insertions, 2 deletions
diff --git a/systems/cobalt/default.nix b/systems/cobalt/default.nix
index a877064..036e459 100644
--- a/systems/cobalt/default.nix
+++ b/systems/cobalt/default.nix
@@ -156,6 +156,7 @@ in
   # };
   sops.secrets.searx-env = { };
   sops.secrets.freshrss-admin-pass = { owner = "freshrss"; };
+  sops.secrets.akkoma-envs = { };
 
 
   services.openssh.knownHosts."hk-s020.rsync.net".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILcPl9x9JfRFwsn09NnDw/xBZbAN80ZQck+h6AqlVqPH";
@@ -323,6 +324,9 @@ in
       domain = "exotic.sh";
       realHost = "social.exotic.sh";
       instanceName = "exotic.sh social";
+
+      oauthBaseUrl = "https://auth.exotic.sh";
+      secrets.akkoma-envs = config.sops.secrets.akkoma-envs.path;
     };
     services.soju = {
       enable = true;
diff --git a/systems/cobalt/secrets/secrets.yaml b/systems/cobalt/secrets/secrets.yaml
index 0b8acf0..28d9b64 100644
--- a/systems/cobalt/secrets/secrets.yaml
+++ b/systems/cobalt/secrets/secrets.yaml
@@ -24,6 +24,7 @@ internal-imap-pass: ENC[AES256_GCM,data:2+Bk1hxM+veEXvSpqSZw1I9NaNBjE79CpJmLi2WH
 grafana-admin-pass: ENC[AES256_GCM,data:88z+mLcZ5s1u/8LWYcnOOhWTkff8sv1NIhQ=,iv:YdGaKCaq1bCCLsuYIug6NFO2rhqX/Xyt5yQ/hgWOfko=,tag:D+xWcN2bC2Q1Q2mjtpWqLg==,type:str]
 searx-env: ENC[AES256_GCM,data:FX5CpcDqkpUH2bsS00gFCzPFcInNMbf1Z0mBmoHXk2BJ54AVOVVM1aiVwXDyWnX2wN4gO8nHFypAY451R6UiSt7FAWlkYbBdlv7EsLyaLUR+,iv:c9B+tkipD3IbWTNCzOTvV1MtwJJsOonhxSM+31CHoXg=,tag:hP/BX6TahGqecTtUO3LorQ==,type:str]
 freshrss-admin-pass: ENC[AES256_GCM,data:xfDBsL9OWmOJy7wCKSJPobsk33pwT+E6ylGfjsZDbPozClT6I5nXtQ==,iv:c8au21XjXE97g3SS5JFwVk45NrsnO8aCHWpWP5o0bfY=,tag:Q65jkxymo/VMHOScFq8hPw==,type:str]
+akkoma-envs: ENC[AES256_GCM,data:xiJ64weh7aGrDP2AdwACu4CjGD/7qPs5gT7+ApBscRWrsZKwh7vqayMe38zVk9cV3UWQxBvLFqQDAJsGYWxq7t8161b7l5iPiRTSuxTojQFNBT0aBOuSN1dSez/7IIkuVGU/bRUCyPPhqAmU8D2UU1XZYQdCEzGhA3mWuGWZe9DpShDx0GsFqBLuhIrmis950tL7Rpy7A0iUp3XYmwFUPfRrIPb3bRpsHZU5RtbjpFgRserk7Jwidars+QzeWbcfZaeKBJgYGtYE5ULze/ZrRycNwjLPFQ==,iv:N/PztwJjBmOaKgX7XKa6+BOc1SWXBnYXpAM+Qszb1+Q=,tag:hyxTI82kQ0V3Kh7+fScTQg==,type:str]
 sops:
     kms: []
     gcp_kms: []
@@ -48,8 +49,8 @@ sops:
             cUpBZ01CMEFjNnNuWjlYejVKajkwcGMKehqYCZP0zZHDTfJrC/5LYiE/3doa0OiM
             OKXhOuUX8HF8RfkyiOSMpntxuNX2jSvd9sQRYnHkUvgm793+IuQjrg==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2024-02-16T21:36:26Z"
-    mac: ENC[AES256_GCM,data:ygl2FsfRgl/hfEujFEIT7K5e5oTWafr89wVApEmRwgOqYodHXRglsYu7ZkCrKHXbmHqwK+evuI5RhjwO8ASOcggB1PJexkQoUfCmaPFYBQNDoja21Kw3ImRi1ezYeUqoSAqZ2U349oVlj5du5aFGCa+bctoSNFpBh3CwTGYXih0=,iv:EYsDIZiM6Z/QLoVR5MzsH2PPUXqXnXPNQZP7wGU3tz8=,tag:Xeq3zwYyVlM2QVlFU4ipSw==,type:str]
+    lastmodified: "2024-02-18T12:27:37Z"
+    mac: ENC[AES256_GCM,data:TC9TZtHNSKxe6+4dcJZy/Pjb+7++DppfMhTSM0BRoaT0cV+KNjC84Up50Wvt/+d7rQ6m6JuQ5Cx4gX7ypDDUsBNW9dISk411kHbisO8x8tG/9L5sAzBeAzZ7I5I8BC00Z9QmP1FsGG74HLcXr/ogp/zFGvjLprW7brxJ1fG3i5E=,iv:wf9+u0J1UPdTX59hTQ0mqPbonMYXq6s7K/qIPmFmssc=,tag:8jMCC9auxTJeoqbykghkYw==,type:str]
     pgp: []
     unencrypted_suffix: _unencrypted
     version: 3.8.1