feat: authentik

2026-03-22 19:22:47 +01:00 · 2026-03-22 19:22:47 +01:00 · b0c56c61b5
commit b0c56c61b5
parent 3251ac1aee
6 changed files with 334 additions and 32 deletions
--- a/hosts/goingmerry/configuration.nix
+++ b/hosts/goingmerry/configuration.nix
@ -319,7 +319,7 @@
    fprintd.enable = true;
    blueman.enable = true;
    onedrive.enable = true;
-    udev.packages = [ pkgs.yubikey-personalization ];
+    udev.packages = [pkgs.yubikey-personalization];
  };

  # List services that you want to enable:
--- a/hosts/hitsugibune/authentik.nix
+++ b/hosts/hitsugibune/authentik.nix
@ -0,0 +1,20 @@
+{config, ...}: {
+  age.secrets.authentik-env = {
+    file = ../../secrets/authentik.age;
+  };
+
+  services.authentik = {
+    enable = true;
+    environmentFile = config.age.secrets.authentik-env.path;
+    settings = {
+      disable_startup_analytics = true;
+      avatars = "initials";
+    };
+
+    nginx = {
+      enable = true;
+      enableACME = true;
+      host = "auth.sprechtl.me";
+    };
+  };
+}