From 6851879a03ae87b88a04de406033075076758f9f Mon Sep 17 00:00:00 2001 From: h7x4 Date: Wed, 10 Apr 2024 23:40:02 +0200 Subject: [PATCH] bekkalokk: remove keycloak --- hosts/bekkalokk/configuration.nix | 2 -- hosts/bekkalokk/services/keycloak.nix | 24 ------------------------ secrets/bekkalokk/bekkalokk.yaml | 6 ++---- 3 files changed, 2 insertions(+), 30 deletions(-) delete mode 100644 hosts/bekkalokk/services/keycloak.nix diff --git a/hosts/bekkalokk/configuration.nix b/hosts/bekkalokk/configuration.nix index 26d1e9c..626fd26 100644 --- a/hosts/bekkalokk/configuration.nix +++ b/hosts/bekkalokk/configuration.nix @@ -6,8 +6,6 @@ ../../base.nix ../../misc/metrics-exporters.nix - #./services/keycloak.nix - ./services/website ./services/nginx.nix ./services/gitea/default.nix diff --git a/hosts/bekkalokk/services/keycloak.nix b/hosts/bekkalokk/services/keycloak.nix deleted file mode 100644 index 1200250..0000000 --- a/hosts/bekkalokk/services/keycloak.nix +++ /dev/null @@ -1,24 +0,0 @@ -{ pkgs, config, values, ... }: -{ - sops.secrets."keys/postgres/keycloak" = { - owner = "keycloak"; - group = "keycloak"; - restartUnits = [ "keycloak.service" ]; - }; - - services.keycloak = { - enable = true; - - settings = { - hostname = "auth.pvv.ntnu.no"; - # hostname-strict-backchannel = true; - }; - - database = { - host = values.hosts.bicep.ipv4; - createLocally = false; - passwordFile = config.sops.secrets."keys/postgres/keycloak".path; - caCert = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; - }; - }; -} diff --git a/secrets/bekkalokk/bekkalokk.yaml b/secrets/bekkalokk/bekkalokk.yaml index 9ba2100..152bafc 100644 --- a/secrets/bekkalokk/bekkalokk.yaml +++ b/secrets/bekkalokk/bekkalokk.yaml @@ -15,8 +15,6 @@ mediawiki: postgres_password: ENC[AES256_GCM,data:FzykBVtJbA+Bey1GE5VqnSuv2GeobH1j,iv:wayQH3+y0FYFkr3JjmulI53SADk0Ikur/2mUS5kFrTk=,tag:d+nQ/se2bDA5aaQfBicnPQ==,type:str] cookie_salt: ENC[AES256_GCM,data:BioRPAvL4F9ORBJDFdqHot81RhVpAOf32v1ah3pvOLq8E88bxGyKFQZxAwpIL3UkWQIsWMnEerm5MEMYL1C2OQ==,iv:yMVqiPTQ8hO1IVAax6PIkD0V9YTOEunwDTtnGcmy6Kc=,tag:Z4+bZF4olLlkx7YpXeQiUw==,type:str] admin_password: ENC[AES256_GCM,data:4eUXvcO7NLOWke9XShfKzj+x3FvqPONa,iv:3iZ+BTBTZ7yMJ0HT14cEMebKZattWUcYEevRsl/6WOk=,tag:CU0iDhPP2ndztdX5U5A4cw==,type:str] -keycloak: - database: ENC[AES256_GCM,data:76+AZnNR5EiturTP7BdOCKE90bFFkfGlRtviSP5NHxPbb3RfFPJEMlwtzA==,iv:nS7VTossHdlrHjPeethhX+Ysp9ukrb5JD7kjG28OFpY=,tag:OMpiEv9nQA7v6lWJfNxEEw==,type:str] idp: cookie_salt: ENC[AES256_GCM,data:cyV6HDCPHKQIa8T1+rFBFh6EuHtG5B508lg6uFYENK7qVpYuiTUIokdVQhY8SRLs2mECx/ampgnUHxCRB/Cc/A==,iv:QRrRUhzRQrLkmg38rrYtCEfF8U4/7ZHZUDSEq++BlbI=,tag:fLqFSLd+CKqJvmCh1fx8vg==,type:str] admin_password: ENC[AES256_GCM,data:Vf33Oenk6x6BIij1uW8RQDjTPcKhUVYA,iv:RNeyCNpTAYdBPrZwE3Y6CCjoAML/3XUvjfJCrr06IEU=,tag:zVOrx1oXnEyr/VwFCFaCDQ==,type:str] @@ -62,8 +60,8 @@ sops: akVjeTNTeGorZjJQOVlMeCtPRUVYL3MK+VMvGxrbzGz4Q3sdaDDWjal+OiK+JYKX GHiMXVHQJZu/RrlxMjHKN6V3iaqxZpuvLAEJ2Lzy5EOHPtuiiRyeHQ== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-04-08T20:36:13Z" - mac: ENC[AES256_GCM,data:IObBR2H3cPIvBNWSo7A5xwyKeg2HbFkfxcU1U5BpRx2gvNb9/h7lextQ6IWPHOS/LZRXY+lZdhX6zLf6aLQjxTATZcrcF2BIu6YM5wppXOjVxhy3dkItU5TGPuxBdZEZ1bEpFu3B1Ooc1UdWvEWqZz2Mcn2akoX53Mj2vU8WGO8=,iv:fHvPHO33y6y3OSbVkojw2+XnpCNHO1AnCm2RnuwxPVA=,tag:m44YZd4Q4DEHCoDCoayqsg==,type:str] + lastmodified: "2024-04-14T21:58:31Z" + mac: ENC[AES256_GCM,data:+o7YvaaKTjN/uZT5mv3z9FgIbXwG4NPJePWwRmtkBINn9X+vrCmYOXqWhKw7qfInn4Ftcg0FA7cYFZe5Pv8MNp+f8v1yoiLrVX12cxmEYtqTXJz7pNeD2st1YjGJKihNi2/fyCCf4YBCGN+8Ze//HeVf7/tfWNB+ysyC9g9Tze4=,iv:C6XBCVXn8GuNeaWGdJRnUIh1us0i8fSoxu9Sx7Feb58=,tag:W0RLPPv7eP5kCNrhMG3z7A==,type:str] pgp: - created_at: "2023-05-21T00:28:40Z" enc: |