path: root/machines/nixos/x86_64-linux/synology-vm/profiles/keycloak.nix



{ config, self, ... }:
{
  age.secrets.keycloak-db-password = {
    file = "${self}/secrets/keycloak-db-password.age";
  };

  networking.firewall.allowedTCPPorts = [ 8080 ];

  services.keycloak = {
    enable = true;
    database.passwordFile = config.age.secrets.keycloak-db-password.path;
    settings = {
      hostname = "id.fcuny.net";
      http-host = "10.100.0.40";
      http-port = 8080;
      proxy-headers = "xforwarded";
      http-enabled = true;
    };
  };
}
{ config, self, ... }:
{
  age.secrets.keycloak-db-password = {
    file = "${self}/secrets/keycloak-db-password.age";
  };

  networking.firewall.allowedTCPPorts = [ 8080 ];

  services.keycloak = {
    enable = true;
    database.passwordFile = config.age.secrets.keycloak-db-password.path;
    settings = {
      hostname = "id.fcuny.net";
      http-host = "10.100.0.40";
      http-port = 8080;
      proxy-headers = "xforwarded";
      http-enabled = true;
    };
  };
}