Gleipnir/nixos-systems
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
nixos-systems/secrets/authentik.env
Eli Ribble 4d5de177b5 Get authentik working on the new corp server without podman 
The podman integration was pretty janky because it relied on running a
pod and the NixOS integration with pods are essentially non-existent.
This led to issues with the port being improperly forwarded when
partially restarted.

Now instead I use a flake dedicated to running authentik. This allows me
to specify some of the config in the module directly and some in
secrets, which is really nice. I've additionally added some changes to
the listen address so that the service isn't exposed over public IP
addresses.
2025-09-09 15:03:43 +00:00

19 lines
4 KiB
Bash
Raw Blame History

AUTHENTIK_EMAIL__USERNAME=ENC[AES256_GCM,data:4PMcNtQZOCcepXOFoHQJe8A+0AdOUGQk76rI2EE=,iv:C5ATwjfF+/lkMhUPUF1u4EMmlfe0oCuagrajKVsmsbQ=,tag:PNM+kYe8rgDmOumtfvzE8A==,type:str]
AUTHENTIK_EMAIL__PASSWORD=ENC[AES256_GCM,data:761BeyOs9Ay9rb64FQAk14SqD54tcy2P,iv:D9Dn+jXKeSBWXvsyvMHcnM4NkNm1FAph/j1XAOYVG00=,tag:pDJzzlLlpNpQPAyr/IIyFQ==,type:str]
AUTHENTIK_SECRET_KEY=ENC[AES256_GCM,data:8jb7qazlI3luTrBuUWNOy/TTkiiYLW+XYqFKmFo8rgRmbfMqKwM6485U7i7GNFHSVqQEaOXc39WEZR6dZILIZ47nJDETeSnMGGgLz8T7UwU=,iv:GV+cfsX+kXED//ladyo9jg5XLOmg8l1bGTqNB7JnwfU=,tag:ddGxFUKrMSVWWjBrDP1N2w==,type:str]
sops_age__list_0__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSTm1Zb1picVdVRTBiQjRK\nNkVMVHhWa2lsWEVYVllVaW1wdkpKSFVpc0VnCnBXRlVZVk11b0xjV3k2bkJpczVG\nZEZQekljRVJ5VmNOU3R2UXZUMm9CR1UKLS0tIHFHV0VmUHZzTTV3U0w2ZHJKc3Vz\nVEt4RUNBMlBGOFRoUjI0QUlvVVlIb0EKeLJRLIYTakdoc244pXBu6oqoni9ZM9PQ\nyp02oXiyqmlZZqAfTJ4emnVqPv/fJKquiN2izsOtHs4PONc1n5eJcg==\n-----END AGE ENCRYPTED FILE-----\n
sops_age__list_0__map_recipient=age1fnkhk9rv7r8gh84vxnhvndk4fgh20qcj4hvnfhdpumcydl6m6vrse50lrz
sops_age__list_1__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhUFhCR2JUVGpQVS9IMDJ5\nbS9QQ2hPRnYxT2xuVXYzejkxdUM1YWg3MTB3Cm1wcERQM1NXdGQ0a2hGREFHeFdL\nMTNiNnk2VEVSNmZuZjR5TzFQc201eVkKLS0tIEtoVHVxU2l1WHI4YjhIK0NUNTF3\nUFEwL2l5dUZsZk0zbDl1R2VWdzM5eVkKsB+X4M9BAUW5Y3svt++VVcgIKXfSWJG5\nlxdem+k8JI7YT9F8lXLE2hatWX8Fj3QnUlFLUif7UC0yojOf1tUGJg==\n-----END AGE ENCRYPTED FILE-----\n
sops_age__list_1__map_recipient=age1x704pjnueguchkl54ly8w4w26ltys5900v7xnl7w3zlgasus09jszz45t8
sops_age__list_2__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4Rm9YMUVUN0R5QmtGUTJP\nckFPcEExbkFqSU4rdUM0RmVFUmdDRHp6aTFZCmFGaUZqODRJN1luWm40ZDFOeElF\nM25rUVdaSjdjcmtEYlRrL2p4d2RKV1UKLS0tIGM3TWN3REdYMktkb21FZzVsZWsy\nc3NydFppYUpBTWlZaWtHWnpXZFZEa0EKL6tOOE74v6nx/jz9Tggtvnl187EkgBRs\nsaPk08KnzRjZ2f9WwuOI1q5f+f/VnlnOwUY2609i1ibYLHkceOjRMw==\n-----END AGE ENCRYPTED FILE-----\n
sops_age__list_2__map_recipient=age15y4k929zaj9fdg3vd40pa40tgvrgv9mn22xfummn5zxfmkcw5d0st6prjx
sops_age__list_3__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSazM2QjlockczaGZlZGVz\nK01NWUJqeWp4Q0NIT1VwdVpaYXJuTldRc2dVCkVMT2JuczA4S203c0FSbENFMldF\nTkZmZGpsY0dZYlY4VDZDaHhsZkNDZVkKLS0tIEVVR3lxdVliQ2JJL29iTUxVbGFJ\nVDBCVGhaQ0haUFhFQUVseTdyd2oyNW8KpONRiR6cGSZ9ovH28/Ls8q+Om1L4mvrg\nPj5tC7PHQa0R0/Es7POedqZzAsoknnZL8DLYwHep0pxBttQT2aPMmA==\n-----END AGE ENCRYPTED FILE-----\n
sops_age__list_3__map_recipient=age1ck44jqpuz3zlthquvuh7wsemrjrgfzhn462sk7rlfetwxpgy0uqs79xn2h
sops_age__list_4__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtaWJmOXZHUis0ck9UOUxk\nWGpqbWVYejRYdWdDSnN2TnpwMkxjL2VwRHc0Cjc4bXBJdk1VTTdtSFpKTVovK1Jq\ncUwvK3VHTTZqVHJEMkhaKytQdjkvQzQKLS0tIEhZSzI1S0ltVURNTXZ2UDRCZTlC\nMVVqRDlTNlhmREtBTEMxdnNGT3R3aFEKnO/ppqbg0+QDBSpfniGyPcmPk+qu5ziK\nh7enF1pviWibGSY94ri8au27WKmpsDYC6h0Yz1zVSDgFJBu723jQYg==\n-----END AGE ENCRYPTED FILE-----\n
sops_age__list_4__map_recipient=age1t3ryfktuhr3cysf49m9q2n8fkjf9ajjjnhztxw9hz8paxgk4lpcq065jge
sops_age__list_5__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSByMU52ajRCZG9zdy90WXVx\naVdkSy9IYk0xbXpIUHdMc09McVBNSzNQemxZCkdVUVllemEvaWJEWldWbTF4Vzk1\nRmwxWUplRGE0VE9nRko0TzNERU04SGsKLS0tIHJib2RCcE5neS9VMzIyMFdLdUtQ\nUkQ3ZFo3aTA1bWNFWC9hS3V2dmdLbkkKQpvIwDvGbK1hh7L76fjDYN2cpVQ6tmMH\nx/yrABcRT54Q36zynPYlk18tWh19hjpkExNxPu6zdEoQ8MXUto8vFw==\n-----END AGE ENCRYPTED FILE-----\n
sops_age__list_5__map_recipient=age1j90h7hcp4fctr2xwj4zf9cxuelm43wkujvryc9hk6rzzc37rwdmss035w7
sops_lastmodified=2025-09-09T12:49:14Z
sops_mac=ENC[AES256_GCM,data:l28mT7peCNM8I0g0UdH1OsFHMDAQ7YRo4GBSXMGbVfTmvIO3Qlkav/07ByBnv1HaGbSuRnMeF8zYilNLRO5JXdgUmFrt+QNXYrbFtkEd4boldVIHDDjtj5lyO6xdX/S5BL+engyE+7+DXz1UFkKBKoKqnQupzFLhWoIsFkGxbq0=,iv:IfzlXWHN0LLhVU/T79Wn8kraENMibtijWj8l7LiT4uE=,tag:RNFlpyEd+QBUFGGZC9CvDA==,type:str]
sops_unencrypted_suffix=_unencrypted
sops_version=3.10.2
Reference in a new issue View git blame Copy permalink