hackclub/burrow
1
0
Fork 0
Code Pull requests Releases Packages Activity Actions

Enable Google Authentik login on forge

Browse source
This commit is contained in:
Conrad Kramer 2026-03-31 23:28:35 -07:00
parent 20964e8ed7
commit be5b7d90db
8 changed files with 389 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

14
nixos/hosts/burrow-forge/default.nix
View file

@ -33,6 +33,18 @@
group = "root";
mode = "0400";
};
age.secrets.burrowAuthentikGoogleClientId = {
file = ../../../secrets/infra/authentik-google-client-id.age;
owner = "root";
group = "root";
mode = "0400";
};
age.secrets.burrowAuthentikGoogleClientSecret = {
file = ../../../secrets/infra/authentik-google-client-secret.age;
owner = "root";
group = "root";
mode = "0400";
};
networking.extraHosts = ''
127.0.0.1 burrow.net git.burrow.net auth.burrow.net ts.burrow.net nsc-autoscaler.burrow.net
@ -69,6 +81,8 @@
enable = true;
envFile = config.age.secrets.burrowAuthentikEnv.path;
headscaleClientSecretFile = config.age.secrets.burrowHeadscaleOidcClientSecret.path;
googleClientIDFile = config.age.secrets.burrowAuthentikGoogleClientId.path;
googleClientSecretFile = config.age.secrets.burrowAuthentikGoogleClientSecret.path;
};
services.burrow.headscale = {