32 lines
705 B
Nix
32 lines
705 B
Nix
{
|
|
config,
|
|
pkgs,
|
|
...
|
|
}: {
|
|
services.dex = {
|
|
enable = true;
|
|
# You can add secret files here
|
|
environmentFile = null;
|
|
settings = {
|
|
# External url
|
|
issuer = "http://127.0.0.1:5556/dex";
|
|
storage = {
|
|
type = "postgres";
|
|
config.host = "/var/run/postgres";
|
|
};
|
|
web = {
|
|
http = "127.0.0.1:5556";
|
|
};
|
|
enablePasswordDB = true;
|
|
staticClients = [
|
|
{
|
|
id = "oidcclient";
|
|
name = "Client";
|
|
redirectURIs = ["https://example.com/callback"];
|
|
secretFile = "/etc/dex/oidcclient"; # The content of `secretFile` will be written into to the config as `secret`.
|
|
}
|
|
];
|
|
};
|
|
};
|
|
}
|