From 35dbc4f40e1d238392db7dcc19695e91c16d8f6a Mon Sep 17 00:00:00 2001
From: Giulio De Pasquale <depasquale+git@giugl.io>
Date: Fri, 28 Oct 2022 14:56:40 +0200
Subject: [PATCH] nzbget: Add OpenID auth

---
 hosts/architect/nzbget.nix | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/hosts/architect/nzbget.nix b/hosts/architect/nzbget.nix
index 8875098..27fcb67 100644
--- a/hosts/architect/nzbget.nix
+++ b/hosts/architect/nzbget.nix
@@ -3,6 +3,7 @@
 let
   domain = "htnzb.giugl.io";
   network = import ./network.nix;
+  auth_block = (import ./openid.nix).openresty_oidc_block;
 in {
   services = {
     nzbget = {
@@ -15,11 +16,12 @@ in {
       enableACME = true;
       locations."/" = {
         proxyPass = "http://localhost:6789";
-        extraConfig = ''
-          allow 10.0.0.0/24;
-          ${lib.concatMapStrings (x: "allow ${x};") network.gdevices-wg}
-          deny all;
-        '';
+        extraConfig = auth_block {
+          realm = "master";
+          client_id = "nzbget";
+          client_secret = "tkjzdqnUoWTlGUYah5tgMqVPFMlOUvk9";
+          redirect_uri = "https://${domain}";
+        };
       };
     };
   };