peperunas/nixos
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

openid: Force nginx app, allow to change only access_role

Browse Source
This commit is contained in:
Giulio De Pasquale 2022-11-11 19:08:00 +01:00
parent 0ac62bb2ae
commit 8118462f59
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
hosts/architect/openid.nix
View File

@ -2,12 +2,12 @@
{ {
openresty_oidc_block = openresty_oidc_block =
{ realm, client_id, client_secret, redirect_uri, access_role ? "" }: '' { access_role ? "" }: ''
access_by_lua_block { access_by_lua_block {
local opts = { local opts = {
discovery = "https://auth.giugl.io/realms/${realm}/.well-known/openid-configuration", discovery = "https://auth.giugl.io/realms/master/.well-known/openid-configuration",
client_id = "${client_id}", client_id = "nginx",
client_secret = "${client_secret}", client_secret = "9C6BYxPhTbrRS4DIwd3Smk7e11ABmnt8",
logout_path = "/logout", logout_path = "/logout",
redirect_after_logout_uri = "/", redirect_after_logout_uri = "/",
redirect_uri = "/redirect_uri", redirect_uri = "/redirect_uri",