ringofstorms/dotfiles
ringofstorms/dotfiles
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

attempt trillium with oauth proxy

Browse source
This commit is contained in:
RingOfStorms (Joshua Bell) 2025-10-03 15:35:45 -05:00
parent e122f8d410
commit 189559a1b7
2 changed files with 13 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

2
hosts/h001/mods/oauth2-proxy.nix
View file

@ -10,7 +10,7 @@
validateURL = "https://sso.joshuabell.xyz/oauth2/"; validateURL = "https://sso.joshuabell.xyz/oauth2/";
oidcIssuerUrl = "https://sso.joshuabell.xyz:443"; oidcIssuerUrl = "https://sso.joshuabell.xyz:443";
keyFile = config.age.secrets.oauth2_proxy_zitadel_client_secret.path; keyFile = config.age.secrets.oauth2_proxy_zitadel_client_secret.path;
# nginx.domain = "sso-proxy.joshuabell.xyz"; nginx.domain = "sso-proxy.joshuabell.xyz";
# email.domains = [ ]; # email.domains = [ ];
# extraConfig = { # extraConfig = {
# whitelist-domain = ".joshuabell.xyz"; # whitelist-domain = ".joshuabell.xyz";

13
hosts/h001/mods/trilium.nix
View file

@ -13,7 +13,18 @@
}; };
systemd.services.trilium-server.environment = { systemd.services.trilium-server.environment = {
TRILIUM_NO_UPLOAD_LIMIT = true; TRILIUM_NO_UPLOAD_LIMIT = "true";
};
services.oauth2-proxy.nginx.virtualHosts."notes.joshuabell.xyz".allowed_groups = [ "notes" ];
services.nginx.virtualHosts."notes.joshuabell.xyz" = {
locations = {
"/" = {
proxyWebsockets = true;
recommendedProxySettings = true;
proxyPass = "http://127.0.0.1:9111";
};
};
}; };
# services.nginx = { # services.nginx = {