diff options
Diffstat (limited to '')
| -rw-r--r-- | profiles/miniflux.nix | 21 |
1 files changed, 16 insertions, 5 deletions
diff --git a/profiles/miniflux.nix b/profiles/miniflux.nix index 2d110ad..7cc465b 100644 --- a/profiles/miniflux.nix +++ b/profiles/miniflux.nix @@ -4,10 +4,7 @@ let port = 8002; in { - age.secrets.miniflux-oidc = { - owner = "miniflux"; - file = ../secrets/miniflux-oidc.age; - }; + age.secrets.miniflux-oidc.file = ../secrets/miniflux-oidc.age; services.miniflux = { enable = true; @@ -24,9 +21,23 @@ in }; }; - networking.firewall.allowedTCPPorts = [ 8002 ]; + networking.firewall.allowedTCPPorts = [ port ]; systemd.services.miniflux.serviceConfig.LoadCredential = [ "oauth2-client-secret:${config.age.secrets.miniflux-oidc.path}" ]; + + services.authelia.instances.main.settings.identity_providers.oidc.clients = [ + { + id = "miniflux"; + description = "Miniflux RSS"; + secret = "$pbkdf2-sha512$310000$OPAy.BbYps2sWTt4Broxbg$uB6QZaHK1n7MHheaWhly/cvnNIw4gZbY.BibTCHvodcRAAggSTUA8rTdjzudaKtJZW7Lm4u0j2C2D1VFmRV2Aw"; + redirect_uris = [ "https://${domain}/oauth2/oidc/callback" ]; + scopes = [ + "openid" + "email" + "profile" + ]; + } + ]; } |