diff options
author | Vincent Ambo <mail@tazj.in> | 2022-04-21T14·36+0200 |
---|---|---|
committer | clbot <clbot@tvl.fyi> | 2022-04-21T16·54+0000 |
commit | c05c4995abab6fd8e5eaab861b8d14febf76a3b8 (patch) | |
tree | b854b96bdff1b0647170d5d1abd6e8c9d8fef1e7 /ops/machines/whitby/default.nix | |
parent | 95cfd6630b55a8a57bccf7a82a067d5154e98b37 (diff) |
chore(3p/sources): Bump channels and overlays r/3986
Changes: * updated keycloak configuration for new version * migrate to emacs28 outside of //users, re-add emacs27 but with a warning attached urging people to migrate Change-Id: I3e5765a63934541f72f6c4a8673d3b4671850c93 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5501 Tested-by: BuildkiteCI Autosubmit: tazjin <tazjin@tvl.su> Reviewed-by: wpcarro <wpcarro@gmail.com>
Diffstat (limited to 'ops/machines/whitby/default.nix')
-rw-r--r-- | ops/machines/whitby/default.nix | 19 |
1 files changed, 6 insertions, 13 deletions
diff --git a/ops/machines/whitby/default.nix b/ops/machines/whitby/default.nix index 3fc708e690d1..5de8481878bf 100644 --- a/ops/machines/whitby/default.nix +++ b/ops/machines/whitby/default.nix @@ -604,25 +604,18 @@ in services.keycloak = { enable = true; httpPort = "5925"; # "kycl" - frontendUrl = "https://auth.tvl.fyi/auth/"; + + settings = { + hostname = "auth.tvl.fyi"; + http-relative-path = "/auth"; + proxy = "edge"; + }; database = { type = "postgresql"; passwordFile = "/run/agenix/keycloak-db"; createLocally = false; }; - - # Configure Keycloak to look at forwarded headers from the reverse - # proxy. - extraConfig = { - "subsystem=undertow" = { - "server=default-server" = { - "http-listener=default" = { - proxy-address-forwarding = "true"; - }; - }; - }; - }; }; # Allow Keycloak access to the LDAP module by forcing in the JVM |