openid: Force nginx app, allow to change only access_role

2022-11-11 19:08:00 +01:00 · 2022-11-11 19:08:00 +01:00 · 8118462f59
commit 8118462f59
parent 0ac62bb2ae
1 changed files with 4 additions and 4 deletions
--- a/hosts/architect/openid.nix
+++ b/hosts/architect/openid.nix
@ -2,12 +2,12 @@

 {
  openresty_oidc_block =
-    { realm, client_id, client_secret, redirect_uri, access_role ? "" }: ''
+    { access_role ? "" }: ''
      access_by_lua_block {
        local opts = {
-          discovery = "https://auth.giugl.io/realms/${realm}/.well-known/openid-configuration",
-          client_id = "${client_id}",
-          client_secret = "${client_secret}",
+          discovery = "https://auth.giugl.io/realms/master/.well-known/openid-configuration",
+          client_id = "nginx",
+          client_secret = "9C6BYxPhTbrRS4DIwd3Smk7e11ABmnt8",
          logout_path = "/logout",
          redirect_after_logout_uri = "/",
          redirect_uri = "/redirect_uri",