about summary refs log tree commit diff
path: root/nix
diff options
context:
space:
mode:
authorEmile <git@emile.space>2024-07-21 17:49:34 +0200
committerEmile <git@emile.space>2024-07-21 17:49:34 +0200
commit16ca088c2a601ef78e43024b3e6050e1fc86b0b0 (patch)
tree2d48f1c06e3fd1926d7ac9a37f7d2b6e93fbb295 /nix
parent0adf33787b5394b1cde4769bf2206ba252a26237 (diff)
authelia sso setting changes
Diffstat (limited to 'nix')
-rw-r--r--nix/hosts/corrino/modules/authelia.emile.space.nix18
1 files changed, 13 insertions, 5 deletions
diff --git a/nix/hosts/corrino/modules/authelia.emile.space.nix b/nix/hosts/corrino/modules/authelia.emile.space.nix
index e96d0ca..4a4a72a 100644
--- a/nix/hosts/corrino/modules/authelia.emile.space.nix
+++ b/nix/hosts/corrino/modules/authelia.emile.space.nix
@@ -111,7 +111,7 @@ in {
 
 				# we're using a file to store the user information
 				authentication_backend = {
-					refresh_interval = "1m";
+					refresh_interval = "20s";
 					file = {
 						path = "/var/lib/authelia-main/user.yml";
 						watch = true;
@@ -159,11 +159,11 @@ in {
 
 				identity_providers = {
 					oidc = {
-						# regenerate keys like this:
-						# ; nix run nixpkgs#authelia -- crypto certificate rsa generate
-						# current serial: deb83f17e27e663f544a16ad2947631d
+							# regenerate keys like this:
+							# ; nix run nixpkgs#authelia -- crypto certificate rsa generate
+							# current serial: deb83f17e27e663f544a16ad2947631d
 
-						enable_client_debug_messages = false;
+							enable_client_debug_messages = false;
 							minimum_parameter_entropy = 8;
 							enforce_pkce = "public_clients_only";
 							enable_pkce_plain_challenge = false;
@@ -201,6 +201,14 @@ in {
 				  skew = 1;
 				  secret_size = 32;
 				};
+
+				ntp = {
+				  address = "time.cloudflare.com:123";
+				  version = 3;
+				  max_desync = "3s";
+				  disable_startup_check = false;
+				  disable_failure = false;
+				};
 			};
 		};
 	};