From 71d8bff1e64a0eed219b05b6a080e866a8272c27 Mon Sep 17 00:00:00 2001
From: Eli Ribble <eli@gleipnir.technology>
Date: Fri, 18 Jul 2025 19:04:50 +0000
Subject: [PATCH] Enable redis within the authentik pod, add redis to corp

We put it in the pod because I don't know how to make it accessible to
things in the bod without binding all host addresses. There's probably a
sophisticated way to do it correctly, but I don't want to figure it out
yet.
---
 host/corp/configuration.nix  | 1 +
 modules/system/authentik.nix | 4 ++++
 2 files changed, 5 insertions(+)

diff --git a/host/corp/configuration.nix b/host/corp/configuration.nix
index 94a3748..266bac7 100644
--- a/host/corp/configuration.nix
+++ b/host/corp/configuration.nix
@@ -19,6 +19,7 @@
 		wget
 	];
 	myModules = {
+		authentik.enable = true;
 		onlyoffice.enable = true;
 		seafile.enable = true;
 		synapse.enable = true;
diff --git a/modules/system/authentik.nix b/modules/system/authentik.nix
index a580a03..f397918 100644
--- a/modules/system/authentik.nix
+++ b/modules/system/authentik.nix
@@ -34,6 +34,10 @@ with lib;
 			isSystemUser = true;
 		};
 		virtualisation.oci-containers.containers = {
+			authentik-redis = {
+				extraOptions = [ "--pod=authentik" ];
+				image = "docker.io/redis:8.0.3-alpine";
+			};
 			authentik-server = {
 				cmd = ["server"];
 				environmentFiles = [