Remove old commented-out authentik logic
This has been replaced with a separate authentik flake
parent
bbc2bbb5e1
commit
9020b3e6d5
2 changed files with 10 additions and 41 deletions
10
README.md
10
README.md
|
|
@ -44,6 +44,16 @@ $ digitalocean/create-droplet.sh
|
|||
|
||||
### Convert to NixOS with nixos-anywhere
|
||||
|
||||
First log in to the host using regular credentials. Set up an ssh key for root access.
|
||||
|
||||
Get the disk layout using `/sbin/fdisk -l`. You're looking to figure out which disk is the boot disk and which isn't. Then update the `disk-config.nix` file for the matching provider to ensure that the boot disk gets written.
|
||||
|
||||
Then check the network configuration via `ip route` and `ip addr` or `/etc/network/interfaces`. Update the network configuration at `network.nix` to match.
|
||||
|
||||
Generate the hardware configuration
|
||||
```
|
||||
$ cd nixos-anywhere
|
||||
$ nix run github:nix-community/nixos-anywhere -- --flake ./#digitalocean --generate-hardware-config nixos-generate-config ./nocix/hardware-configuration --target-host root@1.2.3.4
|
||||
```
|
||||
$ cd nixos-anywhere
|
||||
$ nix run github:nix-community/nixos-anywhere -- --flake ./#digitalocean --target-host root@1.2.3.4
|
||||
|
|
|
|||
|
|
@ -53,16 +53,6 @@ with lib;
|
|||
restartUnits = ["authentik" "authentik-migrate" "authentik-worker"];
|
||||
sopsFile = ../../secrets/authentik.env;
|
||||
};
|
||||
# systemd.services.podman-create-authentik-pod = with config.virtualisation.oci-containers; {
|
||||
# serviceConfig.Type = "oneshot";
|
||||
# wantedBy = [ "${backend}-authentik-server.service" "${backend}-authentik-worker.service"];
|
||||
# script = ''
|
||||
# ${pkgs.podman}/bin/podman pod exists authentik || \
|
||||
# ${pkgs.podman}/bin/podman pod create \
|
||||
# --name authentik \
|
||||
# -p 127.0.0.1:10000:9000
|
||||
# '';
|
||||
# };
|
||||
systemd.tmpfiles.rules = [
|
||||
"d /opt/authentik/certs 0755 authentik authentik"
|
||||
"d /opt/authentik/media 0755 authentik authentik"
|
||||
|
|
@ -74,36 +64,5 @@ with lib;
|
|||
isNormalUser = false;
|
||||
isSystemUser = true;
|
||||
};
|
||||
# virtualisation.oci-containers.containers = {
|
||||
# authentik-redis = {
|
||||
# extraOptions = [ "--pod=authentik" ];
|
||||
# image = "docker.io/redis:8.0.3-alpine";
|
||||
# };
|
||||
# authentik-server = {
|
||||
# cmd = ["server"];
|
||||
# environmentFiles = [
|
||||
# "/var/run/secrets/authentik-env"
|
||||
# ];
|
||||
# extraOptions = [ "--pod=authentik" ];
|
||||
# image = "ghcr.io/goauthentik/server:2025.4";
|
||||
# volumes = [
|
||||
# "/opt/authentik/media:/media"
|
||||
# "/opt/authentik/templates:/templates"
|
||||
# ];
|
||||
# };
|
||||
# authentik-worker = {
|
||||
# cmd = ["worker"];
|
||||
# environmentFiles = [
|
||||
# "/var/run/secrets/authentik-env"
|
||||
# ];
|
||||
# extraOptions = [ "--pod=authentik" ];
|
||||
# image = "ghcr.io/goauthentik/server:2025.4";
|
||||
# volumes = [
|
||||
# "/opt/authentik/certs:/certs"
|
||||
# "/opt/authentik/media:/media"
|
||||
# "/opt/authentik/templates:/templates"
|
||||
# ];
|
||||
# };
|
||||
# };
|
||||
};
|
||||
}
|
||||
|
|
|
|||