about summary refs log tree commit diff
path: root/ops/nixos/tvl-sso/default.nix
# Configures an Apereo CAS instance for TVL SSO
{ depot, ... }:

let
  inherit (depot.third_party) apereo-cas;
in {
  config = {
    environment.systemPackages = [ apereo-cas ];
    systemd.services.apereo-cas = {
      description = "Apereo CAS Single Sign On server";
      wantedBy = [ "multi-user.target" ];
      after = [ "network.target" ];
      serviceConfig = {
        User = "apereo-cas";
        Group = "apereo-cas";
        ExecStart = "${apereo-cas}/bin/cas";
        EnvironmentFile = "/etc/cas/secrets";
        Restart = "always";
      };
    };
    users.users.apereo-cas = {};
    users.groups.apereo-cas = {};
  };
}