diff options
Diffstat (limited to 'ops/machines/whitby')
-rw-r--r-- | ops/machines/whitby/default.nix | 19 |
1 files changed, 6 insertions, 13 deletions
diff --git a/ops/machines/whitby/default.nix b/ops/machines/whitby/default.nix index 3fc708e690d1..5de8481878bf 100644 --- a/ops/machines/whitby/default.nix +++ b/ops/machines/whitby/default.nix @@ -604,25 +604,18 @@ in services.keycloak = { enable = true; httpPort = "5925"; # "kycl" - frontendUrl = "https://auth.tvl.fyi/auth/"; + + settings = { + hostname = "auth.tvl.fyi"; + http-relative-path = "/auth"; + proxy = "edge"; + }; database = { type = "postgresql"; passwordFile = "/run/agenix/keycloak-db"; createLocally = false; }; - - # Configure Keycloak to look at forwarded headers from the reverse - # proxy. - extraConfig = { - "subsystem=undertow" = { - "server=default-server" = { - "http-listener=default" = { - proxy-address-forwarding = "true"; - }; - }; - }; - }; }; # Allow Keycloak access to the LDAP module by forcing in the JVM |