amarth/services
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

.

Browse source
This commit is contained in:
Chris Kruining 2025-10-21 14:22:47 +00:00
parent d911f4d9c1
commit 5134d1c89f
3 changed files with 101 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

30
clanServices/zitadel/default.nix
View file

@ -34,6 +34,14 @@ in
The Name of the zitadel organisation
'';
};
emergencyAccessPublicKey = mkOption {
type = types.str;
example = "ssh-ed25519 ...";
description = ''
The public key with which you want access to
'';
};
};
};
@ -130,7 +138,7 @@ in
SMTPConfiguration = {
SMTP = {
Host = "black-mail.nl:587";
User = "chris@kruining.eu";
User = "info@amarth.cloud";
Password = ""; #config.clan.core.vars.generators.zitadel.files.emailPassword.value;
};
FromName = "Amarth Zitadel";
@ -151,6 +159,26 @@ in
SSL.Mode = "disable";
};
};
Machine.Identification = {
PrivateIp.Enabled = true;
# In the docs this uses a google service. I want a self hosted one
# TODO :: Figure out how to self-host webhooks, if I want them at all
Webhook.Enabled = false;
};
SystemAPIUsers = {
emergencyAccess = {
# Path = settings.emergencyAccessPublicKey;
KeyData = settings.emergencyAccessPublicKey;
# This is the default value
# Memberships = [
# { MemberType = "System"; Roles = [ "SYSTEM_OWNER" ]; }
# ];
};
};
};
steps.FirstInstance = {

61
flake.lock generated
View file

@ -189,6 +189,27 @@
"type": "github"
}
},
"flake-parts_3": {
"inputs": {
"nixpkgs-lib": [
"terranix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1736143030,
"narHash": "sha256-+hu54pAoLDEZT9pjHlqL9DNzWz0NbUn8NEAHP7PQPzU=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "b905f6fc23a9051a6e1b741e1438dbfc0634c6de",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"nix-darwin": {
"inputs": {
"nixpkgs": [
@ -276,7 +297,8 @@
"clan-core": "clan-core",
"flake-parts": "flake-parts_2",
"nixpkgs": "nixpkgs_2",
"systems": "systems_3"
"systems": "systems_3",
"terranix": "terranix"
}
},
"sops-nix": {
@ -345,6 +367,43 @@
"type": "github"
}
},
"systems_4": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"terranix": {
"inputs": {
"flake-parts": "flake-parts_3",
"nixpkgs": [
"nixpkgs"
],
"systems": "systems_4"
},
"locked": {
"lastModified": 1757278723,
"narHash": "sha256-hTMi6oGU+6VRnW9SZZ+muFcbfMEf2ajjOp7Z2KM5MMY=",
"owner": "terranix",
"repo": "terranix",
"rev": "924573fa6587ac57b0d15037fbd2d3f0fcdf17fb",
"type": "github"
},
"original": {
"owner": "terranix",
"repo": "terranix",
"type": "github"
}
},
"treefmt-nix": {
"inputs": {
"nixpkgs": [

12
flake.nix
View file

@ -22,6 +22,11 @@
systems = {
url = "github:nix-systems/default";
};
terranix = {
url = "github:terranix/terranix";
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs =
@ -45,5 +50,12 @@
};
clan = import ./clan.nix;
perSystem = { ... }: {
# security.acme = {
# acceptTerms = true;
# defaults.email = "kaas@kaas.kaas";
# };
};
});
}