68 lines
1.8 KiB
Nix
68 lines
1.8 KiB
Nix
{ lib, ... }:
|
|
let
|
|
inherit (builtins) readFile;
|
|
in
|
|
{
|
|
_class = "clan.service";
|
|
|
|
manifest = {
|
|
name = "amarth/zitadel";
|
|
description = "Zitadel service module";
|
|
categories = [ "System" "Identity" "IAM" ];
|
|
readme = readFile ./README.md;
|
|
};
|
|
|
|
#==============================================================================================================
|
|
# Controller configuration
|
|
#==============================================================================================================
|
|
roles.controller = {
|
|
interface = {
|
|
options = {};
|
|
};
|
|
|
|
perInstance = instanceArgs: {
|
|
nixosModule = lib.modules.importApply ./roles/controller.nix instanceArgs;
|
|
};
|
|
};
|
|
|
|
#==============================================================================================================
|
|
# Peer configuration
|
|
#==============================================================================================================
|
|
roles.peer = {
|
|
interface = {
|
|
options = {};
|
|
};
|
|
|
|
perInstance = instanceArgs: {
|
|
nixosModule = lib.modules.importApply ./roles/peer.nix instanceArgs;
|
|
};
|
|
};
|
|
|
|
perMachine = { instances, machine, ... }: {
|
|
nixosModule = { config, ... }: {
|
|
config = {
|
|
services.zitadel = {
|
|
enable = true;
|
|
|
|
settings = {
|
|
Port = 9092;
|
|
|
|
ExternalDomain = "auth.amarth.cloud";
|
|
ExternalPort = 443;
|
|
ExternalSecure = true;
|
|
|
|
Metrics.Type = "otel";
|
|
Tracing.Type = "otel";
|
|
Telemetry.Enabled = true;
|
|
|
|
SystemDefaults = {
|
|
PasswordHasher.Hasher.Algorithm = "argon2id";
|
|
SecretHasher.Hasher.Algorithm = "argon2id";
|
|
};
|
|
|
|
};
|
|
};
|
|
};
|
|
};
|
|
};
|
|
}
|