xin/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
nixos-config/machines/massicot/kanidm-provision.nix
xinyangli 4736eb810c
flake.lock: Update 
Flake lock file updates:

• Updated input 'catppuccin':
    'github:catppuccin/nix/630b559cc1cb4c0bdd525af506935323e4ccd5d1' (2024-09-21)
  → 'github:catppuccin/nix/96cf8b4a05fb23a53c027621b1147b5cf9e5439f' (2024-10-08)
• Updated input 'colmena':
    'github:zhaofengli/colmena/cd65ef7a25cdc75052fbd04b120aeb066c3881db' (2024-03-25)
  → 'github:zhaofengli/colmena/b0a62f234fae02a006123e661ff70e62af16106b' (2024-10-07)
• Updated input 'home-manager':
    'github:nix-community/home-manager/21c021862fa696c8199934e2153214ab57150cb6' (2024-09-23)
  → 'github:nix-community/home-manager/64c6325b28ebd708653dd41d88f306023f296184' (2024-10-13)
• Updated input 'nix-index-database':
    'github:Mic92/nix-index-database/c7515c2fdaf2e1f3f49856cef6cec95bb2138417' (2024-09-22)
  → 'github:Mic92/nix-index-database/5c54c33aa04df5dd4b0984b7eb861d1981009b22' (2024-10-13)
• Updated input 'nix-vscode-extensions':
    'github:nix-community/nix-vscode-extensions/487e99ffa42d57de53eba5ca4b60cd95fb442c42' (2024-09-24)
  → 'github:nix-community/nix-vscode-extensions/018196c371073d669510fd69dd2f6dc0ec608c41' (2024-10-06)
• Updated input 'nixos-hardware':
    'github:NixOS/nixos-hardware/d0cb432a9d28218df11cbd77d984a2a46caeb5ac' (2024-09-22)
  → 'github:NixOS/nixos-hardware/a8dd1b21995964b115b1e3ec639dd6ce24ab9806' (2024-10-12)
• Updated input 'nixpkgs':
    'github:xinyangli/nixpkgs/1b7b0516e42e87d04944092f04e85a393f12e3a8' (2024-09-24)
  → 'github:xinyangli/nixpkgs/6e5bbf8c5a13f682d0d223b8c109e270fed721d8' (2024-10-14)
• Updated input 'nixpkgs-stable':
    'github:nixos/nixpkgs/23cbb250f3bf4f516a2d0bf03c51a30900848075' (2024-09-22)
  → 'github:nixos/nixpkgs/a3f9ad65a0bf298ed5847629a57808b97e6e8077' (2024-10-12)
• Updated input 'nur':
    'github:nix-community/NUR/819ed7a5b7dfec428810dfa1403d4fcb5cad44f3' (2024-09-24)
  → 'github:nix-community/NUR/97bf2fe3008121ebd4a71ffc01ddd6bb8a6345c2' (2024-10-14)
• Updated input 'sops-nix':
    'github:Mic92/sops-nix/e2d404a7ea599a013189aa42947f66cede0645c8' (2024-09-16)
  → 'github:Mic92/sops-nix/06535d0e3d0201e6a8080dd32dbfde339b94f01b' (2024-10-08)
• Updated input 'sops-nix/nixpkgs-stable':
    'github:NixOS/nixpkgs/dc454045f5b5d814e5862a6d057e7bb5c29edc05' (2024-09-08)
  → 'github:NixOS/nixpkgs/17ae88b569bb15590549ff478bab6494dde4a907' (2024-10-05)

flake.lock: Update

Flake lock file updates:

• Updated input 'nixpkgs':
    'github:xinyangli/nixpkgs/6e5bbf8c5a13f682d0d223b8c109e270fed721d8' (2024-10-14)
  → 'github:xinyangli/nixpkgs/5f7b4a8a49de5fb589a4f67f1ec888382312a490' (2024-10-14)

fix: unused secret

flake.lock: Update

Flake lock file updates:

• Updated input 'my-nixvim':
    'git+https://git.xinyang.life/xin/nixvim?ref=refs/heads/master&rev=7e0140a6a9eff2ab3292d8269bc99efeb3581835' (2024-09-02)
  → 'git+https://git.xinyang.life/xin/nixvim?ref=refs/heads/master&rev=c72cb643b40a030e1cdc1930f63dc0c2a808faaf' (2024-10-14)
• Updated input 'my-nixvim/flake-parts':
    'github:hercules-ci/flake-parts/8471fe90ad337a8074e957b69ca4d0089218391d' (2024-08-01)
  → 'github:hercules-ci/flake-parts/3d04084d54bedc3d6b8b736c70ef449225c361b1' (2024-10-01)
• Updated input 'my-nixvim/flake-parts/nixpkgs-lib':
    'a5d394176e.tar.gz?narHash=sha256-uFf2QeW7eAHlYXuDktm9c25OxOyCoUOQmh5SZ9amE5Q%3D' (2024-08-01)
  → 'fb192fec7c.tar.gz?narHash=sha256-0xHYkMkeLVQAMa7gvkddbPqpxph%2BhDzdu1XdGPJR%2BOs%3D' (2024-10-01)
• Updated input 'my-nixvim/nixvim':
    'github:nix-community/nixvim/cb413995e1e101c76d755b7f131ce60c7ea3985d' (2024-08-20)
  → 'github:nix-community/nixvim/619e24366e8ad34230d65a323d26ca981bfa6927' (2024-10-13)
• Updated input 'my-nixvim/nixvim/devshell':
    'github:numtide/devshell/67cce7359e4cd3c45296fb4aaf6a19e2a9c757ae' (2024-07-27)
  → 'github:numtide/devshell/dd6b80932022cea34a019e2bb32f6fa9e494dfef' (2024-10-07)
• Updated input 'my-nixvim/nixvim/flake-parts':
    'github:hercules-ci/flake-parts/8471fe90ad337a8074e957b69ca4d0089218391d' (2024-08-01)
  → 'github:hercules-ci/flake-parts/3d04084d54bedc3d6b8b736c70ef449225c361b1' (2024-10-01)
• Updated input 'my-nixvim/nixvim/git-hooks':
    'github:cachix/git-hooks.nix/bfef0ada09e2c8ac55bbcd0831bd0c9d42e651ba' (2024-08-16)
  → 'github:cachix/git-hooks.nix/eb74e0be24a11a1531b5b8659535580554d30b28' (2024-10-12)
• Updated input 'my-nixvim/nixvim/home-manager':
    'github:nix-community/home-manager/2598861031b78aadb4da7269df7ca9ddfc3e1671' (2024-08-18)
  → 'github:nix-community/home-manager/d57112db877f07387ce7104b5ac346ede556d2d7' (2024-10-12)
• Updated input 'my-nixvim/nixvim/nix-darwin':
    'github:lnl7/nix-darwin/076b9a905af8a52b866c8db068d6da475839d97b' (2024-08-17)
  → 'github:lnl7/nix-darwin/48b50b3b137be5cfb9f4d006835ce7c3fe558ccc' (2024-10-08)
• Updated input 'my-nixvim/nixvim/nixpkgs':
    'github:NixOS/nixpkgs/8a3354191c0d7144db9756a74755672387b702ba' (2024-08-18)
  → 'github:NixOS/nixpkgs/5633bcff0c6162b9e4b5f1264264611e950c8ec7' (2024-10-09)
• Updated input 'my-nixvim/nixvim/nuschtosSearch':
    'github:NuschtOS/search/a05d1805f2a2bc47d230e5e92aecbf69f784f3d0' (2024-08-18)
  → 'github:NuschtOS/search/9578d865b081c29ae98131caf7d2f69a42f0ca6e' (2024-10-12)
• Updated input 'my-nixvim/nixvim/nuschtosSearch/flake-utils':
    'github:numtide/flake-utils/b1d9ab70662946ef0850d488da1c9019f3a9752a' (2024-03-11)
  → 'github:numtide/flake-utils/c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a' (2024-09-17)
• Updated input 'my-nixvim/nixvim/treefmt-nix':
    'github:numtide/treefmt-nix/1d07739554fdc4f8481068f1b11d6ab4c1a4167a' (2024-08-16)
  → 'github:numtide/treefmt-nix/4446c7a6fc0775df028c5a3f6727945ba8400e64' (2024-10-03)

flake.lock: Update

Flake lock file updates:

• Updated input 'my-nixvim':
    'git+https://git.xinyang.life/xin/nixvim?ref=refs/heads/master&rev=c72cb643b40a030e1cdc1930f63dc0c2a808faaf' (2024-10-14)
  → 'git+https://git.xinyang.life/xin/nixvim?ref=refs/heads/master&rev=90a9302a0a028b9359a3c49e56841bff58c72ab6' (2024-10-14)
• Updated input 'nur':
    'github:nix-community/NUR/97bf2fe3008121ebd4a71ffc01ddd6bb8a6345c2' (2024-10-14)
  → 'github:nix-community/NUR/6f359b976f93fc46a3674b2a92ffb79dad8e8840' (2024-10-14)

flake.lock: Update

Flake lock file updates:

• Updated input 'my-nixvim':
    'git+https://git.xinyang.life/xin/nixvim?ref=refs/heads/master&rev=90a9302a0a028b9359a3c49e56841bff58c72ab6' (2024-10-14)
  → 'git+https://git.xinyang.life/xin/nixvim?ref=refs/heads/master&rev=0df66b4ab6faf481b1a94dd2edef66eec8e1efde' (2024-10-14)
• Updated input 'nur':
    'github:nix-community/NUR/6f359b976f93fc46a3674b2a92ffb79dad8e8840' (2024-10-14)
  → 'github:nix-community/NUR/23d88faa35dc9de0e35fc3dc2a863c4cf451a8f8' (2024-10-14)
2024-10-14 12:14:58 +08:00

201 lines
4.9 KiB
Nix
Raw Blame History

{ config, lib, ... }:
{
services.kanidm.provision = {
enable = true;
autoRemove = true;
groups = {
forgejo-access = {
members = [ "xin" ];
};
forgejo-admin = {
members = [ "xin" ];
};
gts-users = {
members = [ "xin" ];
};
ocis-users = {
members = [ "xin" ];
};
linux_users = {
members = [ "xin" ];
};
hedgedoc-users = {
members = [ "xin" ];
};
immich-users = {
members = [
"xin"
"zhuo"
"ycm"
"yzl"
];
};
grafana-superadmins = {
members = [ "xin" ];
};
grafana-admins = {
members = [ "xin" ];
};
grafana-editors = {
members = [ "xin" ];
};
grafana-users = {
members = [ "xin" ];
};
miniflux-users = {
members = [ "xin" ];
};
idm_people_self_mail_write = {
members = [ ];
};
};
persons = {
xin = {
displayName = "Xinyang Li";
mailAddresses = [ "lixinyang411@gmail.com" ];
};
zhuo = {
displayName = "Zhuo";
mailAddresses = [ "13681104320@163.com" ];
};
ycm = {
displayName = "Chunming";
mailAddresses = [ "chunmingyou@gmail.com" ];
};
yzl = {
displayName = "Zhengli Yang";
mailAddresses = [ "13391935399@189.cn" ];
};
};
systems.oauth2 = {
forgejo = {
displayName = "ForgeJo";
originUrl = "https://git.xinyang.life/";
originLanding = "https://git.xinyang.life/user/oauth2/kandim";
allowInsecureClientDisablePkce = true;
scopeMaps = {
forgejo-access = [
"openid"
"email"
"profile"
"groups"
];
};
claimMaps = {
forgejo_role = {
joinType = "array";
valuesByGroup = {
forgejo-access = [ "Access" ];
forgejo-admin = [ "Admin" ];
};
};
};
};
gts = {
displayName = "GoToSocial";
originUrl = "https://xinyang.life/";
originLanding = "https://xinyang.life/";
allowInsecureClientDisablePkce = true;
scopeMaps = {
gts-users = [
"openid"
"email"
"profile"
"groups"
];
};
};
# It's used for all the clients. I'm too lazy to change the name.
owncloud-android = {
displayName = "ownCloud Apps";
originLanding = "https://drive.xinyang.life:8443/";
originUrl = [
"http://localhost:38622/"
"http://localhost:43580/"
"https://drive.xinyang.life:8443/"
# TODO: Should allow mobile redirect url not ending with /
# "oc://android.owncloud.com"
];
public = true;
preferShortUsername = true;
scopeMaps = {
ocis-users = [
"openid"
"email"
"profile"
"offline_access"
];
};
};
hedgedoc = {
displayName = "HedgeDoc";
originUrl = "https://docs.xinyang.life/";
originLanding = "https://docs.xinyang.life/auth/oauth2";
allowInsecureClientDisablePkce = true;
scopeMaps = {
hedgedoc-users = [
"openid"
"email"
"profile"
];
};
};
immich = {
displayName = "Immich";
originUrl = [
"https://immich.xinyang.life:8000/api/oauth/mobile-redirect/"
"https://immich.xinyang.life:8000/auth/login/"
"https://immich.xinyang.life:8000/user-settings/"
];
originLanding = "https://immich.xinyang.life:8000/auth/login?autoLaunch=0";
allowInsecureClientDisablePkce = true;
scopeMaps = {
immich-users = [
"openid"
"email"
"profile"
];
};
};
miniflux = {
displayName = "Miniflux";
originUrl = "https://rss.xinyang.life/";
originLanding = "https://rss.xinyang.life/";
scopeMaps = {
miniflux-users = [
"openid"
"email"
"profile"
];
};
};
grafana = {
displayName = "Grafana";
originUrl = "https://grafana.xinyang.life/";
originLanding = "https://grafana.xinyang.life/";
scopeMaps = {
grafana-users = [
"openid"
"email"
"profile"
"groups"
];
};
claimMaps = {
grafana_role = {
joinType = "array";
valuesByGroup = {
grafana-superadmins = [ "GrafanaAdmin" ];
grafana-admins = [ "Admin" ];
grafana-editors = [ "Editor" ];
};
};
};
};
};
};
}
Reference in a new issue View git blame Copy permalink