nix/machines
1
0
Fork 0
Code Issues Releases Packages Activity Actions

Roundcube oauth2 login working
Some checks failed
/ check (push) Failing after 55s
Details
/ dev-shell (push) Successful in 40s
Details
/ rust-packages (push) Successful in 46s
Details
/ terraform-providers (push) Successful in 40s
Details
/ systems (push) Successful in 3m51s
Details

Browse source
This commit is contained in:
Kaare Hoff Skovgaard 2025-07-29 16:02:01 +02:00
parent 4d48bc1457
commit b59ad3af51
Signed by: khs
GPG key ID: C7D890804F01E9F0
1 changed files with 2 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

5
nix/modules/nixos/infrastructure/mailserver/openid-connect.nix
View file

@ -1,7 +1,7 @@
{ config, lib, ... }: { config, lib, ... }:
let let
cfg = config.khscodes.infrastructure.mailserver; cfg = config.khscodes.infrastructure.mailserver;
oauthConfigFile = "/run/dovecot2/dovecot-oauth2.conf.ext"; oauthConfigFile = "/run/secret/dovecot/dovecot-oauth2.conf.ext";
in in
{ {
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
@ -10,9 +10,8 @@ in
contents = '' contents = ''
{{- with secret "kanidm/data/apps/dovecot" -}} {{- with secret "kanidm/data/apps/dovecot" -}}
scope = email openid profile scope = email openid profile
username_attribute = preferred_username username_attribute = username
debug = yes debug = yes
tokeninfo_url = https://dovecot:{{ .Data.data.basic_secret }}@login.kaareskovgaard.net/oauth2/openid/dovecot/userinfo?access_token=
introspection_url = https://dovecot:{{ .Data.data.basic_secret }}@login.kaareskovgaard.net/oauth2/token/introspect introspection_url = https://dovecot:{{ .Data.data.basic_secret }}@login.kaareskovgaard.net/oauth2/token/introspect
introspection_mode = post introspection_mode = post
{{- end -}} {{- end -}}