Get authentik working on the new corp server without podman

The podman integration was pretty janky because it relied on running a
pod, and NixOS's integration with pods is essentially non-existent.
This led to the port being improperly forwarded when the pod was
partially restarted.

Now instead I use a flake dedicated to running authentik. This allows me
to specify some of the config in the module directly and some in
secrets, which is really nice. I've additionally added some changes to
the listen address so that the service isn't exposed over public IP
addresses.
This commit is contained in:
Eli Ribble 2025-09-09 13:01:14 +00:00
parent 696273efb8
commit 4d5de177b5
7 changed files with 375 additions and 94 deletions


@ -2,6 +2,9 @@
description = "Multi-host NixOS configuration";
inputs = {
authentik-nix = {
url = "github:nix-community/authentik-nix";
};
disko = {
inputs.nixpkgs.follows = "nixpkgs";
url = "github:nix-community/disko";
@ -18,7 +21,7 @@
sops-nix.url = "github:Mic92/sops-nix";
};
outputs = { self, disko, home-manager, nixpkgs, nixvim, sops-nix, ...}:
outputs = { self, authentik-nix, disko, home-manager, nixpkgs, nixvim, sops-nix, ...}:
let
configFiles = pkgs.stdenv.mkDerivation {
name = "config-files";
@ -34,15 +37,15 @@
nixosConfigurations = {
corp = import ./system.nix {
configuration = ./host/corp/configuration.nix;
inherit configFiles disko home-manager nixpkgs nixvim sops-nix system;
inherit authentik-nix configFiles disko home-manager nixpkgs nixvim sops-nix system;
};
"sync.nidus.cloud" = import ./system.nix {
configuration = ./host/sync/configuration.nix;
inherit configFiles disko home-manager nixpkgs nixvim sops-nix system;
inherit authentik-nix configFiles disko home-manager nixpkgs nixvim sops-nix system;
};
test-corp = nixpkgs.lib.nixosSystem {
configuration = ./host/test-corp/configuration.nix;
inherit configFiles disko home-manager nixpkgs nixvim sops-nix system;
inherit authentik-nix configFiles disko home-manager nixpkgs nixvim sops-nix system;
};
};
};
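Review bot: The new `authentik-nix` input in the first hunk declares only `url`, without the `inputs.nixpkgs.follows = "nixpkgs";` that the neighbouring `disko` input carries, so flake.lock will pin a second nixpkgs revision chosen by the upstream flake and `nix flake update` of this repo's own nixpkgs will not refresh the packages authentik is built from. If that is deliberate (authentik-nix appears to pin its own nixpkgs for compatibility; worth confirming against its README), record it in a comment such as `# deliberately not following nixpkgs: authentik-nix pins a compatible revision`; otherwise add the `follows` line for consistency with `disko`. The `url` carries no ref or rev, so the commit of flake.lock is the only thing pinning the revision that gets evaluated on the corp host. Separately, the `test-corp` entry in the last hunk hands `configuration` and the inherited inputs straight to `nixpkgs.lib.nixosSystem`, which expects a `modules` list; that call shape predates this change, but the `authentik-nix` argument added there will not reach any module.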