about summary refs log tree commit diff
path: root/systems/cobalt/default.nix
diff options
context:
space:
mode:
Diffstat (limited to 'systems/cobalt/default.nix')
-rw-r--r--systems/cobalt/default.nix14
1 files changed, 14 insertions, 0 deletions
diff --git a/systems/cobalt/default.nix b/systems/cobalt/default.nix
index d815260..e94f461 100644
--- a/systems/cobalt/default.nix
+++ b/systems/cobalt/default.nix
@@ -138,6 +138,7 @@ in
   ];
 
   sops.secrets.borg-cobalt-rolling-pass = { };
+  sops.secrets.authentik-envs = { };
   sops.secrets.grafana-admin-pass = { owner = "grafana"; };
   sops.secrets.acme-envs = {
     owner = "acme";
@@ -210,6 +211,7 @@ in
         "exotic.sh" = {
           subDomains = [
             "*.labs"
+            "auth"
             "bouncer"
             "chat"
             "cinny"
@@ -237,6 +239,18 @@ in
       secrets.acme-credentials = config.sops.secrets.acme-envs.path;
     };
 
+    services.authentik = {
+      enable = true;
+      domain = "exotic.sh";
+      realHost = "auth.exotic.sh";
+      email = {
+        host = "mail.exotic.sh";
+        username = "system@exotic.sh";
+        from = "system@exotic.sh";
+      };
+      secrets.authentik-envs = config.sops.secrets.authentik-envs.path;
+    };
+
     services.gitolite = {
       enable = true;
       adminPubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILN14b5Fu+StHeMXq4ClyLG4G+/vCAfS7adxceEFria/ openpgp:0x1D5BCD11";
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-09-19 07:30:47 +0000