From ae39f02812bcfe903e956220c890bfb7b9bb9ff4 Mon Sep 17 00:00:00 2001
From: Emile <git@emile.space>
Date: Wed, 19 Feb 2025 19:53:25 +0100
Subject: removed the backend, added the frontend with oidc support

So I've added oidc support which is nice, yet I have to test this
with some https foo, so I'm pushing this.
---
 nix/hosts/corrino/www/templates/goapp/default.nix | 30 +++++++++++++++++++++++
 1 file changed, 30 insertions(+)
 create mode 100644 nix/hosts/corrino/www/templates/goapp/default.nix

(limited to 'nix/hosts/corrino/www')

diff --git a/nix/hosts/corrino/www/templates/goapp/default.nix b/nix/hosts/corrino/www/templates/goapp/default.nix
new file mode 100644
index 0000000..716d6ab
--- /dev/null
+++ b/nix/hosts/corrino/www/templates/goapp/default.nix
@@ -0,0 +1,30 @@
+
+{
+  services.authelia.instances.main.settings.identity_providers.oidc.clients = [
+    {
+      id = "goapp";
+
+      # ; nix run nixpkgs#authelia -- crypto hash generate pbkdf2 --variant sha512 --random --random.length 72 --random.charset rfc3986
+      secret = "$pbkdf2-sha512$310000$WUai4pp1ZVJDrJ8j6ICLiQ$NOMMaCZ3gt.x.a09MWatMkJWQIaH0QeWgRXSbuD2iWRwR.N6MWmJA6QO.LIKcxn6l.zHZN4bO1Ztsrbo9010Tw";
+      public = false;
+      authorization_policy = "two_factor";
+      redirect_uris = [ "https://127.0.0.1:8080/auth/oauth2/callback" ];
+      scopes = [
+        "openid"
+        "email"
+        "profile"
+      ];
+      grant_types = [
+        "refresh_token"
+        "authorization_code"
+      ];
+      response_types = [ "code" ];
+      response_modes = [
+        "form_post"
+        "query"
+        "fragment"
+      ];
+      token_endpoint_auth_method = "client_secret_post";
+    }
+  ];
+}
-- 
cgit 1.4.1