Compare commits
8 commits
f905f051a0
...
87bf369bd7
| Author | SHA1 | Date | |
|---|---|---|---|
87bf369bd7
|
|||
|
38e7492807
|
|||
|
6263522488
|
|||
|
af0e5ed742
|
|||
|
a9b1d69386
|
|||
|
870802e6d2
|
|||
|
27fbff7e9b
|
|||
|
59c4ee3e8d
|
7 changed files with 106 additions and 149 deletions
148
flake.lock
generated
148
flake.lock
generated
|
|
@ -116,11 +116,11 @@
|
|||
},
|
||||
"catppuccin": {
|
||||
"locked": {
|
||||
"lastModified": 1726952185,
|
||||
"narHash": "sha256-l/HbsQjJMT6tlf8KCooFYi3J6wjIips3n6/aWAoLY4g=",
|
||||
"lastModified": 1728407414,
|
||||
"narHash": "sha256-B8LaxUP93eh+it8RW1pGq4SsU2kj7f0ipzFuhBvpON8=",
|
||||
"owner": "catppuccin",
|
||||
"repo": "nix",
|
||||
"rev": "630b559cc1cb4c0bdd525af506935323e4ccd5d1",
|
||||
"rev": "96cf8b4a05fb23a53c027621b1147b5cf9e5439f",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -143,11 +143,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1711386353,
|
||||
"narHash": "sha256-gWEpb8Hybnoqb4O4tmpohGZk6+aerAbJpywKcFIiMlg=",
|
||||
"lastModified": 1728263678,
|
||||
"narHash": "sha256-gyUVsPAWY9AgVKjrNPoowrIr5BvK4gI0UkDXvv8iSxA=",
|
||||
"owner": "zhaofengli",
|
||||
"repo": "colmena",
|
||||
"rev": "cd65ef7a25cdc75052fbd04b120aeb066c3881db",
|
||||
"rev": "b0a62f234fae02a006123e661ff70e62af16106b",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -165,11 +165,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1722113426,
|
||||
"narHash": "sha256-Yo/3loq572A8Su6aY5GP56knpuKYRvM2a1meP9oJZCw=",
|
||||
"lastModified": 1728330715,
|
||||
"narHash": "sha256-xRJ2nPOXb//u1jaBnDP56M7v5ldavjbtR6lfGqSvcKg=",
|
||||
"owner": "numtide",
|
||||
"repo": "devshell",
|
||||
"rev": "67cce7359e4cd3c45296fb4aaf6a19e2a9c757ae",
|
||||
"rev": "dd6b80932022cea34a019e2bb32f6fa9e494dfef",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -245,11 +245,11 @@
|
|||
"nixpkgs-lib": "nixpkgs-lib"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1722555600,
|
||||
"narHash": "sha256-XOQkdLafnb/p9ij77byFQjDf5m5QYl9b2REiVClC+x4=",
|
||||
"lastModified": 1727826117,
|
||||
"narHash": "sha256-K5ZLCyfO/Zj9mPFldf3iwS6oZStJcU4tSpiXTMYaaL0=",
|
||||
"owner": "hercules-ci",
|
||||
"repo": "flake-parts",
|
||||
"rev": "8471fe90ad337a8074e957b69ca4d0089218391d",
|
||||
"rev": "3d04084d54bedc3d6b8b736c70ef449225c361b1",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -267,11 +267,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1722555600,
|
||||
"narHash": "sha256-XOQkdLafnb/p9ij77byFQjDf5m5QYl9b2REiVClC+x4=",
|
||||
"lastModified": 1727826117,
|
||||
"narHash": "sha256-K5ZLCyfO/Zj9mPFldf3iwS6oZStJcU4tSpiXTMYaaL0=",
|
||||
"owner": "hercules-ci",
|
||||
"repo": "flake-parts",
|
||||
"rev": "8471fe90ad337a8074e957b69ca4d0089218391d",
|
||||
"rev": "3d04084d54bedc3d6b8b736c70ef449225c361b1",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -303,11 +303,11 @@
|
|||
"systems": "systems_2"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1710146030,
|
||||
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
|
||||
"lastModified": 1726560853,
|
||||
"narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
|
||||
"rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -373,11 +373,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1723803910,
|
||||
"narHash": "sha256-yezvUuFiEnCFbGuwj/bQcqg7RykIEqudOy/RBrId0pc=",
|
||||
"lastModified": 1728727368,
|
||||
"narHash": "sha256-7FMyNISP7K6XDSIt1NJxkXZnEdV3HZUXvFoBaJ/qdOg=",
|
||||
"owner": "cachix",
|
||||
"repo": "git-hooks.nix",
|
||||
"rev": "bfef0ada09e2c8ac55bbcd0831bd0c9d42e651ba",
|
||||
"rev": "eb74e0be24a11a1531b5b8659535580554d30b28",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -433,11 +433,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1727111745,
|
||||
"narHash": "sha256-EYLvFRoTPWtD+3uDg2wwQvlz88OrIr3zld+jFE5gDcY=",
|
||||
"lastModified": 1728791962,
|
||||
"narHash": "sha256-nr5QiXwQcZmf6/auC1UpX8iAtINMtdi2mH+OkqJQVmU=",
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"rev": "21c021862fa696c8199934e2153214ab57150cb6",
|
||||
"rev": "64c6325b28ebd708653dd41d88f306023f296184",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -455,11 +455,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1723986931,
|
||||
"narHash": "sha256-Fy+KEvDQ+Hc8lJAV3t6leXhZJ2ncU5/esxkgt3b8DEY=",
|
||||
"lastModified": 1728726232,
|
||||
"narHash": "sha256-8ZWr1HpciQsrFjvPMvZl0W+b0dilZOqXPoKa2Ux36bc=",
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"rev": "2598861031b78aadb4da7269df7ca9ddfc3e1671",
|
||||
"rev": "d57112db877f07387ce7104b5ac346ede556d2d7",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -498,11 +498,11 @@
|
|||
"nixvim": "nixvim"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1725247757,
|
||||
"narHash": "sha256-M++z1VvmSo18FRVI02mdF2210bCYn+t25Zgflrdn9Tc=",
|
||||
"lastModified": 1728878762,
|
||||
"narHash": "sha256-aYYyuY+IM3d/5NbogZx7ctd8bfNmzHklNIwazSn3jx0=",
|
||||
"ref": "refs/heads/master",
|
||||
"rev": "7e0140a6a9eff2ab3292d8269bc99efeb3581835",
|
||||
"revCount": 14,
|
||||
"rev": "0df66b4ab6faf481b1a94dd2edef66eec8e1efde",
|
||||
"revCount": 16,
|
||||
"type": "git",
|
||||
"url": "https://git.xinyang.life/xin/nixvim"
|
||||
},
|
||||
|
|
@ -520,11 +520,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1723859949,
|
||||
"narHash": "sha256-kiaGz4deGYKMjJPOji/JVvSP/eTefrIA3rAjOnOpXl4=",
|
||||
"lastModified": 1728385805,
|
||||
"narHash": "sha256-mUd38b0vhB7yzgAjNOaFz7VY9xIVzlbn3P2wjGBcVV0=",
|
||||
"owner": "lnl7",
|
||||
"repo": "nix-darwin",
|
||||
"rev": "076b9a905af8a52b866c8db068d6da475839d97b",
|
||||
"rev": "48b50b3b137be5cfb9f4d006835ce7c3fe558ccc",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -540,11 +540,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1726975622,
|
||||
"narHash": "sha256-bPDZosnom0+02ywmMZAvmj7zvsQ6mVv/5kmvSgbTkaY=",
|
||||
"lastModified": 1728790083,
|
||||
"narHash": "sha256-grMdAd4KSU6uPqsfLzA1B/3pb9GtGI9o8qb0qFzEU/Y=",
|
||||
"owner": "Mic92",
|
||||
"repo": "nix-index-database",
|
||||
"rev": "c7515c2fdaf2e1f3f49856cef6cec95bb2138417",
|
||||
"rev": "5c54c33aa04df5dd4b0984b7eb861d1981009b22",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -564,11 +564,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1727142313,
|
||||
"narHash": "sha256-uEkvjrMOmQiGMw2m7iAHZDE82Wt+i3P65+dFmgpBbAM=",
|
||||
"lastModified": 1728179514,
|
||||
"narHash": "sha256-mOGZFPYm9SuEXnYiXhgs/JmLu7RofRaMpAYyJiWudkc=",
|
||||
"owner": "nix-community",
|
||||
"repo": "nix-vscode-extensions",
|
||||
"rev": "487e99ffa42d57de53eba5ca4b60cd95fb442c42",
|
||||
"rev": "018196c371073d669510fd69dd2f6dc0ec608c41",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -579,11 +579,11 @@
|
|||
},
|
||||
"nixos-hardware": {
|
||||
"locked": {
|
||||
"lastModified": 1727040444,
|
||||
"narHash": "sha256-19FNN5QT9Z11ZUMfftRplyNN+2PgcHKb3oq8KMW/hDA=",
|
||||
"lastModified": 1728729581,
|
||||
"narHash": "sha256-oazkQ/z7r43YkDLLQdMg8oIB3CwWNb+2ZrYOxtLEWTQ=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixos-hardware",
|
||||
"rev": "d0cb432a9d28218df11cbd77d984a2a46caeb5ac",
|
||||
"rev": "a8dd1b21995964b115b1e3ec639dd6ce24ab9806",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -595,11 +595,11 @@
|
|||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1723991338,
|
||||
"narHash": "sha256-Grh5PF0+gootJfOJFenTTxDTYPidA3V28dqJ/WV7iis=",
|
||||
"lastModified": 1728492678,
|
||||
"narHash": "sha256-9UTxR8eukdg+XZeHgxW5hQA9fIKHsKCdOIUycTryeVw=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "8a3354191c0d7144db9756a74755672387b702ba",
|
||||
"rev": "5633bcff0c6162b9e4b5f1264264611e950c8ec7",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -611,23 +611,23 @@
|
|||
},
|
||||
"nixpkgs-lib": {
|
||||
"locked": {
|
||||
"lastModified": 1722555339,
|
||||
"narHash": "sha256-uFf2QeW7eAHlYXuDktm9c25OxOyCoUOQmh5SZ9amE5Q=",
|
||||
"lastModified": 1727825735,
|
||||
"narHash": "sha256-0xHYkMkeLVQAMa7gvkddbPqpxph+hDzdu1XdGPJR+Os=",
|
||||
"type": "tarball",
|
||||
"url": "https://github.com/NixOS/nixpkgs/archive/a5d394176e64ab29c852d03346c1fc9b0b7d33eb.tar.gz"
|
||||
"url": "https://github.com/NixOS/nixpkgs/archive/fb192fec7cc7a4c26d51779e9bab07ce6fa5597a.tar.gz"
|
||||
},
|
||||
"original": {
|
||||
"type": "tarball",
|
||||
"url": "https://github.com/NixOS/nixpkgs/archive/a5d394176e64ab29c852d03346c1fc9b0b7d33eb.tar.gz"
|
||||
"url": "https://github.com/NixOS/nixpkgs/archive/fb192fec7cc7a4c26d51779e9bab07ce6fa5597a.tar.gz"
|
||||
}
|
||||
},
|
||||
"nixpkgs-stable": {
|
||||
"locked": {
|
||||
"lastModified": 1726969270,
|
||||
"narHash": "sha256-8fnFlXBgM/uSvBlLWjZ0Z0sOdRBesyNdH0+esxqizGc=",
|
||||
"lastModified": 1728740863,
|
||||
"narHash": "sha256-u+rxA79a0lyhG+u+oPBRtTDtzz8kvkc9a6SWSt9ekVc=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "23cbb250f3bf4f516a2d0bf03c51a30900848075",
|
||||
"rev": "a3f9ad65a0bf298ed5847629a57808b97e6e8077",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -639,11 +639,11 @@
|
|||
},
|
||||
"nixpkgs-stable_2": {
|
||||
"locked": {
|
||||
"lastModified": 1725762081,
|
||||
"narHash": "sha256-vNv+aJUW5/YurRy1ocfvs4q/48yVESwlC/yHzjkZSP8=",
|
||||
"lastModified": 1728156290,
|
||||
"narHash": "sha256-uogSvuAp+1BYtdu6UWuObjHqSbBohpyARXDWqgI12Ss=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "dc454045f5b5d814e5862a6d057e7bb5c29edc05",
|
||||
"rev": "17ae88b569bb15590549ff478bab6494dde4a907",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -655,11 +655,11 @@
|
|||
},
|
||||
"nixpkgs_2": {
|
||||
"locked": {
|
||||
"lastModified": 1727147895,
|
||||
"narHash": "sha256-2YZYrtEqQlPT77i6F3PSfA6pHeC62Q94u+c5N26BbNo=",
|
||||
"lastModified": 1728876479,
|
||||
"narHash": "sha256-tjVsONpCYX+pOBqpnLsNOcd9DpbzG2Tnm8K/lgTqQc8=",
|
||||
"owner": "xinyangli",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "1b7b0516e42e87d04944092f04e85a393f12e3a8",
|
||||
"rev": "5f7b4a8a49de5fb589a4f67f1ec888382312a490",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -698,11 +698,11 @@
|
|||
"treefmt-nix": "treefmt-nix"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1724127528,
|
||||
"narHash": "sha256-fKtsvNQeLhPuz1O53x6Xxkd/yYecpolNXRq7mfvnXQk=",
|
||||
"lastModified": 1728829992,
|
||||
"narHash": "sha256-722PdOQ4uTTAOyS3Ze4H7LXDNVi9FecKbLEvj3Qu0hM=",
|
||||
"owner": "nix-community",
|
||||
"repo": "nixvim",
|
||||
"rev": "cb413995e1e101c76d755b7f131ce60c7ea3985d",
|
||||
"rev": "619e24366e8ad34230d65a323d26ca981bfa6927",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -713,11 +713,11 @@
|
|||
},
|
||||
"nur": {
|
||||
"locked": {
|
||||
"lastModified": 1727146799,
|
||||
"narHash": "sha256-EgTExhm77mFu0dNkl4A9LaVYwZYcx62hIG1Q7IJbzzg=",
|
||||
"lastModified": 1728878648,
|
||||
"narHash": "sha256-JYNGkY30+zGclR1zebnyHOtRhWKfKHLw6T4IoqhmJFs=",
|
||||
"owner": "nix-community",
|
||||
"repo": "NUR",
|
||||
"rev": "819ed7a5b7dfec428810dfa1403d4fcb5cad44f3",
|
||||
"rev": "23d88faa35dc9de0e35fc3dc2a863c4cf451a8f8",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -736,11 +736,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1723969429,
|
||||
"narHash": "sha256-BuewfNEXEf11MIkJY+uvWsdLu1dIvgJqntWChvNdALg=",
|
||||
"lastModified": 1728701796,
|
||||
"narHash": "sha256-FTDCOUnq+gdnHC3p5eisv1X1mMtKJDNMegwpZjRzQKY=",
|
||||
"owner": "NuschtOS",
|
||||
"repo": "search",
|
||||
"rev": "a05d1805f2a2bc47d230e5e92aecbf69f784f3d0",
|
||||
"rev": "9578d865b081c29ae98131caf7d2f69a42f0ca6e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -774,11 +774,11 @@
|
|||
"nixpkgs-stable": "nixpkgs-stable_2"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1726524647,
|
||||
"narHash": "sha256-qis6BtOOBBEAfUl7FMHqqTwRLB61OL5OFzIsOmRz2J4=",
|
||||
"lastModified": 1728345710,
|
||||
"narHash": "sha256-lpunY1+bf90ts+sA2/FgxVNIegPDKCpEoWwOPu4ITTQ=",
|
||||
"owner": "Mic92",
|
||||
"repo": "sops-nix",
|
||||
"rev": "e2d404a7ea599a013189aa42947f66cede0645c8",
|
||||
"rev": "06535d0e3d0201e6a8080dd32dbfde339b94f01b",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -871,11 +871,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1723808491,
|
||||
"narHash": "sha256-rhis3qNuGmJmYC/okT7Dkc4M8CeUuRCSvW6kC2f3hBc=",
|
||||
"lastModified": 1727984844,
|
||||
"narHash": "sha256-xpRqITAoD8rHlXQafYZOLvUXCF6cnZkPfoq67ThN0Hc=",
|
||||
"owner": "numtide",
|
||||
"repo": "treefmt-nix",
|
||||
"rev": "1d07739554fdc4f8481068f1b11d6ab4c1a4167a",
|
||||
"rev": "4446c7a6fc0775df028c5a3f6727945ba8400e64",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
|
|||
|
|
@ -1,6 +1,8 @@
|
|||
{ inputs, pkgs, ... }:
|
||||
{ pkgs, ... }:
|
||||
{
|
||||
imports = [ ./common ];
|
||||
imports = [
|
||||
./common
|
||||
];
|
||||
|
||||
programs.nix-index-database.comma.enable = true;
|
||||
|
||||
|
|
@ -37,11 +39,6 @@
|
|||
flavor = "mocha";
|
||||
};
|
||||
|
||||
stylix = {
|
||||
targets = {
|
||||
gtk.enable = true;
|
||||
};
|
||||
};
|
||||
xdg.enable = true;
|
||||
|
||||
i18n.inputMethod = {
|
||||
|
|
|
|||
|
|
@ -126,7 +126,11 @@
|
|||
|
||||
# Enable CUPS to print documents.
|
||||
services.printing.enable = true;
|
||||
# services.printing.drivers = [ pkgs.hplip ];
|
||||
services.printing.drivers = [
|
||||
pkgs.hplip
|
||||
pkgs.gutenprintBin
|
||||
pkgs.canon-cups-ufr2
|
||||
];
|
||||
|
||||
hardware.pulseaudio.enable = false;
|
||||
security.rtkit.enable = true;
|
||||
|
|
@ -180,6 +184,7 @@
|
|||
# List packages installed in system profile. To search, run:
|
||||
# $ nix search wget
|
||||
environment.systemPackages = with pkgs; [
|
||||
imhex
|
||||
oidc-agent
|
||||
# Filesystem
|
||||
(owncloud-client.overrideAttrs (
|
||||
|
|
@ -187,8 +192,8 @@
|
|||
src = pkgs.fetchFromGitHub {
|
||||
owner = "xinyangli";
|
||||
repo = "client";
|
||||
rev = "e5ec2d68077361f1597b137a944884dda5574487";
|
||||
hash = "sha256-xs8g7DdL1VxArK3n1c/9k7nW2vwYRHRuz6zaeX7E3eM=";
|
||||
rev = "780d1c4c8bf02be42e118c792ff833ab10c2fdcc";
|
||||
hash = "sha256-pEwcGJI9sN9nooW/RQHmi52Du6yzofgZeB8PcjwPtZ8=";
|
||||
};
|
||||
}
|
||||
))
|
||||
|
|
|
|||
|
|
@ -1,15 +1,5 @@
|
|||
{ config, lib, ... }:
|
||||
{
|
||||
sops.secrets = {
|
||||
"kanidm/ocis_android_secret" = {
|
||||
owner = "kanidm";
|
||||
};
|
||||
};
|
||||
systemd.services.kanidm.serviceConfig = {
|
||||
BindReadOnlyPaths = [
|
||||
config.sops.secrets."kanidm/ocis_android_secret".path
|
||||
];
|
||||
};
|
||||
services.kanidm.provision = {
|
||||
enable = true;
|
||||
autoRemove = true;
|
||||
|
|
@ -118,31 +108,18 @@
|
|||
];
|
||||
};
|
||||
};
|
||||
owncloud = {
|
||||
displayName = "ownCloud";
|
||||
originUrl = "https://drive.xinyang.life:8443/";
|
||||
originLanding = "https://drive.xinyang.life:8443/";
|
||||
public = true;
|
||||
preferShortUsername = true;
|
||||
scopeMaps = {
|
||||
ocis-users = [
|
||||
"openid"
|
||||
"email"
|
||||
"profile"
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
# It's used for all the clients. I'm too lazy to change the name.
|
||||
owncloud-android = {
|
||||
displayName = "ownCloud Apps";
|
||||
originLanding = "https://drive.xinyang.life:8443/";
|
||||
originUrl = [
|
||||
"http://localhost/"
|
||||
"http://127.0.0.1/"
|
||||
"http://localhost:38622/"
|
||||
"http://localhost:43580/"
|
||||
"https://drive.xinyang.life:8443/"
|
||||
# TODO: Should allow mobile redirect url not ending with /
|
||||
# "oc://android.owncloud.com"
|
||||
];
|
||||
basicSecretFile = config.sops.secrets."kanidm/ocis_android_secret".path;
|
||||
public = true;
|
||||
preferShortUsername = true;
|
||||
scopeMaps = {
|
||||
ocis-users = [
|
||||
|
|
|
|||
|
|
@ -9,9 +9,6 @@ forgejo:
|
|||
restic:
|
||||
repo: ENC[AES256_GCM,data:/vybkTU7LMWSlco9W2pJouU9wm4okXClSHXQMCA6SGIHWp4Ppl6C+jS4sNJALc6ntKzcEHyWO/R3JPjQKjZNH4YtrnNQp/ZY9g==,iv:gAvp6blg5JuBKzLw6YSgM1Uc24Aesov3ttCRXZXBvJw=,tag:pvH1y6BFOl7jIn/qQejUbQ==,type:str]
|
||||
password: ENC[AES256_GCM,data:5eIIBtGtBFwcAQ+ZwTYOtg==,iv:3GEM8Imu0i1aTwwSspvz2EzwJOXUC/b15hzkFFuZ+YY=,tag:wscba+nMtshldgUtcEKnOw==,type:str]
|
||||
kanidm:
|
||||
ocis_android_secret: ENC[AES256_GCM,data:vuEIvBEhIME+C/s3xoskddtf5nogC9nPq+HUyyAl3u9nvH3bTzUkfE/1wolaCLeeupnD3pDokdRyKzjEmoZACQ==,iv:cmx/0i23p1uEI0oAiWdcvGRq4+075+VuAMkFSfXzfso=,tag:yVnqz16L5kyW9vAVng53pA==,type:str]
|
||||
ocis_desktop_secret: ENC[AES256_GCM,data:WTfUQzTB9An9p9xof2nuIkD5mYzMaisS62Cv86zX05rkB/wXmTnZiY7ztUoN9OmhGoPgeZg0+d+Jo6bV1hoqlw==,iv:V4iqtYIOcyDXIijcD0IXqpaSs2rxyWiOSZGer/BFSe4=,tag:1nCU1KmWQcY5ZXjlzhxaQQ==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
|
|
@ -36,8 +33,8 @@ sops:
|
|||
dnFBa0lDWWZtS1BHdzBoVzNTaGNkSEEKi/W1n7RT8NpTp00SBMwxsUJAPDhumJ/i
|
||||
V2VnaSNwouD3SswTcoBzqQpBP9XrqzjIYGke90ZODFQbMY9WDQ+O0g==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2024-09-14T05:48:04Z"
|
||||
mac: ENC[AES256_GCM,data:zdGdvk2pMaZYUsTI9XsSUpgtWrNmZNPg7KoV0zAt19h7Qccu3OGTSfXD+rhhhxhhWgBohGIhDVAVQcORnAw1Y/ykgqxERCANuzoBvvR1eKfPcRNiCEr2dmUAybDF7B2MWKlJ5Fsnpk/caK717Fe8XdAJDuplFwmMWi2c1c61/NQ=,iv:KPQTGzFQH+CQmLeXBzMSbU4lVH0/Wc6CeTp6w/pMMOY=,tag:UVA+sQwQa2bpy2/woBgAkQ==,type:str]
|
||||
lastmodified: "2024-09-30T07:19:35Z"
|
||||
mac: ENC[AES256_GCM,data:WSGvA1RkChrD07Sf4BFVMbdTXQYxAHeGGQ52e+pnPh0lZPOzMc9sLDrBPqDK2OfrHC+hK8RC7FxQTGs6G/oBB4nUzIZPn9WycTiU5elwWDfktizH0gr3EJDm7Gs+bTWQpwdoJZGZ8XErK+yegCaKL5cSOSTlBBbQOnZfnoNBg5c=,iv:xyJRFfxHC2xV0ro4CbdOPau1zORxA64OqpvKr4aFZvQ=,tag:c9NA90d5WTK2pfxwoyOX5A==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.9.0
|
||||
|
|
|
|||
|
|
@ -268,33 +268,15 @@ in
|
|||
virtualHosts."http://auth.xinyang.life:80".extraConfig = ''
|
||||
reverse_proxy ${config.security.acme.certs."auth.xinyang.life".listenHTTP}
|
||||
'';
|
||||
virtualHosts."https://auth.xinyang.life".extraConfig =
|
||||
let
|
||||
reverseProxyKanidm = ''
|
||||
reverse_proxy https://127.0.0.1:${toString kanidm_listen_port} {
|
||||
header_up Host {upstream_hostport}
|
||||
header_down Access-Control-Allow-Origin "*"
|
||||
transport http {
|
||||
tls_server_name ${config.services.kanidm.serverSettings.domain}
|
||||
}
|
||||
virtualHosts."https://auth.xinyang.life".extraConfig = ''
|
||||
reverse_proxy https://127.0.0.1:${toString kanidm_listen_port} {
|
||||
header_up Host {upstream_hostport}
|
||||
header_down Access-Control-Allow-Origin "*"
|
||||
transport http {
|
||||
tls_server_name ${config.services.kanidm.serverSettings.domain}
|
||||
}
|
||||
'';
|
||||
in
|
||||
''
|
||||
reverse_proxy /oauth2/openid/owncloud/userinfo https://127.0.0.1:${toString kanidm_listen_port} {
|
||||
header_up Host {upstream_hostport}
|
||||
header_down Access-Control-Allow-Origin "*"
|
||||
transport http {
|
||||
tls_server_name ${config.services.kanidm.serverSettings.domain}
|
||||
}
|
||||
@error status 400
|
||||
handle_response @error {
|
||||
rewrite /oauth2/openid/owncloud/userinfo /oauth2/openid/owncloud-android/userinfo
|
||||
${reverseProxyKanidm}
|
||||
}
|
||||
}
|
||||
${reverseProxyKanidm}
|
||||
'';
|
||||
}
|
||||
'';
|
||||
|
||||
virtualHosts."https://rss.xinyang.life".extraConfig = ''
|
||||
reverse_proxy ${config.custom.miniflux.environment.LISTEN_ADDR}
|
||||
|
|
|
|||
|
|
@ -15,21 +15,20 @@
|
|||
OCIS_LOG_PRETTY = "true";
|
||||
PROXY_AUTOPROVISION_ACCOUNTS = "true";
|
||||
PROXY_USER_OIDC_CLAIM = "preferred_username";
|
||||
PROXY_OIDC_ISSUER = "https://auth.xinyang.life/oauth2/openid/owncloud";
|
||||
PROXY_OIDC_REWRITE_WELLKNOWN = "false";
|
||||
PROXY_OIDC_ISSUER = "https://auth.xinyang.life/oauth2/openid/owncloud-android";
|
||||
PROXY_OIDC_REWRITE_WELLKNOWN = "true";
|
||||
PROXY_OIDC_ACCESS_TOKEN_VERIFY_METHOD = "none";
|
||||
OCIS_EXCLUDE_RUN_SERVICES = "idp";
|
||||
WEB_HTTP_ADDR = "127.0.0.1:12345";
|
||||
WEB_OIDC_METADATA_URL = "https://auth.xinyang.life/oauth2/openid/owncloud/.well-known/openid-configuration";
|
||||
WEB_OIDC_AUTHORITY = "https://auth.xinyang.life/oauth2/openid/owncloud";
|
||||
WEB_OIDC_CLIENT_ID = "owncloud";
|
||||
WEB_OIDC_METADATA_URL = "https://auth.xinyang.life/oauth2/openid/owncloud-android/.well-known/openid-configuration";
|
||||
WEB_OIDC_AUTHORITY = "https://auth.xinyang.life/oauth2/openid/owncloud-android";
|
||||
WEB_OIDC_CLIENT_ID = "owncloud-android";
|
||||
};
|
||||
# environmentFile = config.sops.secrets."ocis/env".path;
|
||||
};
|
||||
|
||||
networking.firewall.allowedTCPPorts = [ 8443 ];
|
||||
services.caddy.virtualHosts."${config.services.ocis.url}".extraConfig = ''
|
||||
redir /.well-known/openid-configuration https://auth.xinyang.life/oauth2/openid/owncloud-android/.well-known/openid-configuration permanent
|
||||
reverse_proxy ${config.services.ocis.address}:${toString config.services.ocis.port}
|
||||
'';
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue