move miniflux configuration for authelia in the miniflux profile

2 files changed, 16 insertions, 20 deletions

diff --git a/profiles/authelia.nix b/profiles/authelia.nix
index 8a345b2..b5d2c94 100644
--- a/profiles/authelia.nix
+++ b/profiles/authelia.nix
@@ -38,21 +38,6 @@
           path = "/var/lib/authelia-main/db.sqlite3";
         };
       };
-      identity_providers.oidc = {
-        clients = [
-          {
-            id = "miniflux";
-            description = "Miniflux RSS";
-            secret = "$pbkdf2-sha512$310000$OPAy.BbYps2sWTt4Broxbg$uB6QZaHK1n7MHheaWhly/cvnNIw4gZbY.BibTCHvodcRAAggSTUA8rTdjzudaKtJZW7Lm4u0j2C2D1VFmRV2Aw";
-            redirect_uris = [ "https://reader.fcuny.net/oauth2/oidc/callback" ];
-            scopes = [
-              "openid"
-              "email"
-              "profile"
-            ];
-          }
-        ];
-      };
     };
   };
 
diff --git a/profiles/miniflux.nix b/profiles/miniflux.nix
index 2d110ad..7cc465b 100644
--- a/profiles/miniflux.nix
+++ b/profiles/miniflux.nix
@@ -4,10 +4,7 @@ let
   port = 8002;
 in
 {
-  age.secrets.miniflux-oidc = {
-    owner = "miniflux";
-    file = ../secrets/miniflux-oidc.age;
-  };
+  age.secrets.miniflux-oidc.file = ../secrets/miniflux-oidc.age;
 
   services.miniflux = {
     enable = true;
@@ -24,9 +21,23 @@ in
     };
   };
 
-  networking.firewall.allowedTCPPorts = [ 8002 ];
+  networking.firewall.allowedTCPPorts = [ port ];
 
   systemd.services.miniflux.serviceConfig.LoadCredential = [
     "oauth2-client-secret:${config.age.secrets.miniflux-oidc.path}"
   ];
+
+  services.authelia.instances.main.settings.identity_providers.oidc.clients = [
+    {
+      id = "miniflux";
+      description = "Miniflux RSS";
+      secret = "$pbkdf2-sha512$310000$OPAy.BbYps2sWTt4Broxbg$uB6QZaHK1n7MHheaWhly/cvnNIw4gZbY.BibTCHvodcRAAggSTUA8rTdjzudaKtJZW7Lm4u0j2C2D1VFmRV2Aw";
+      redirect_uris = [ "https://${domain}/oauth2/oidc/callback" ];
+      scopes = [
+        "openid"
+        "email"
+        "profile"
+      ];
+    }
+  ];
 }