prefect: Disable SSO on headscale
This commit is contained in:
parent
31388902c2
commit
4231a517d6
1 changed files with 14 additions and 13 deletions
|
@ -29,24 +29,25 @@
|
|||
hostname = "vpn.thehedgehog.me";
|
||||
};
|
||||
};
|
||||
# Disabled since if this goes down, then it's a pain to reconnect to auth
|
||||
# OIDC configuration, so I can have my beloved SSO.
|
||||
openIdConnect = {
|
||||
# Issuer is HedgeCloud auth, my private auth server
|
||||
issuer = "https://auth.thehedgehog.me/application/o/hedgevpn/";
|
||||
# All people get assigned to the "main" namespace
|
||||
domainMap = {
|
||||
".*" = "main";
|
||||
};
|
||||
# Set client ID for OIDC
|
||||
clientId = "25066b6b1e72718186f8c0dc20f7892951834b6e";
|
||||
# Client Secret is in this file
|
||||
clientSecretFile = "/run/agenix/headscale-oidc-secret";
|
||||
};
|
||||
# openIdConnect = {
|
||||
# # Issuer is HedgeCloud auth, my private auth server
|
||||
# issuer = "https://auth.thehedgehog.me/application/o/hedgevpn/";
|
||||
# # All people get assigned to the "main" namespace
|
||||
# domainMap = {
|
||||
# ".*" = "main";
|
||||
# };
|
||||
# # Set client ID for OIDC
|
||||
# clientId = "25066b6b1e72718186f8c0dc20f7892951834b6e";
|
||||
# # Client Secret is in this file
|
||||
# clientSecretFile = "/run/agenix/headscale-oidc-secret";
|
||||
# };
|
||||
# Misc settings that aren't set in the above sections
|
||||
settings = {
|
||||
# Set challenge type, forwarded by Caddy
|
||||
tls_letsencrypt_challenge_type = "HTTP-01";
|
||||
oidc.strip_email_domain = true;
|
||||
# oidc.strip_email_domain = true;
|
||||
# NixOS handles our updates
|
||||
disable_check_updates = true;
|
||||
ip_prefixes = [
|
||||
|
|
Loading…
Reference in a new issue