diff --git a/nixos/mirai/services/authelia.nix b/nixos/mirai/services/authelia.nix index dab35d9c..669b8c0e 100644 --- a/nixos/mirai/services/authelia.nix +++ b/nixos/mirai/services/authelia.nix @@ -22,40 +22,40 @@ path = "/run/secrets/users"; }; }; - identity_providers = { - odic = { - clients = [ - { - client_id = "immich"; - client_name = "immich"; - client_secret = ''{{ fileContent "${config.sops.secrets."authelia/oidc/immich".path}" }}''; - public = false; - authorization_policy = "two_factor"; - require_pkce = false; - pkce_challenge_method = ""; - redirect_uris = [ - "https://photos.darksailor.dev/auth/login" - "https://photos.darksailor.dev/user-settings" - "app.immich:///oauth-callback" - ]; - scopes = [ - "openid" - "profile" - "email" - ]; - response_types = [ - "code" - ]; - grant_types = [ - "authorization_code" - ]; - access_token_signed_response_alg = "none"; - userinfo_signed_response_alg = "none"; - token_endpoint_auth_method = "client_secret_post"; - } - ]; - }; - }; + # identity_providers = { + # oidc = { + # clients = [ + # { + # client_id = "immich"; + # client_name = "immich"; + # client_secret = ''{{ fileContent "${config.sops.secrets."authelia/oidc/immich".path}" }}''; + # public = false; + # authorization_policy = "two_factor"; + # require_pkce = false; + # pkce_challenge_method = ""; + # redirect_uris = [ + # "https://photos.darksailor.dev/auth/login" + # "https://photos.darksailor.dev/user-settings" + # "app.immich:///oauth-callback" + # ]; + # scopes = [ + # "openid" + # "profile" + # "email" + # ]; + # response_types = [ + # "code" + # ]; + # grant_types = [ + # "authorization_code" + # ]; + # access_token_signed_response_alg = "none"; + # userinfo_signed_response_alg = "none"; + # token_endpoint_auth_method = "client_secret_post"; + # } + # ]; + # }; + # }; session = { cookies = [ { @@ -67,36 +67,6 @@ }; access_control = { default_policy = "one_factor"; - rules = [ - # { - # domain = "darksailor.dev"; - # policy = "one_factor"; - # } - # { - # domain = "cloud.darksailor.dev"; - # policy = "one_factor"; - # } - # { - # domain = "code.darksailor.dev"; - # policy = "one_factor"; - # } - # { - # domain = "media.darksailor.dev"; - # policy = "one_factor"; - # } - # { - # domain = "music.darksailor.dev"; - # policy = "one_factor"; - # } - # { - # domain = "music.darksailor.dev"; - # policy = "bypass"; - # resources = [ - # "^/rest([/?].*)?$" - # "^/share([/?].*)?$" - # ]; - # } - ]; }; storage = { local = { diff --git a/nixos/mirai/services/immich.nix b/nixos/mirai/services/immich.nix index 9e68ede5..a6b0b7e7 100644 --- a/nixos/mirai/services/immich.nix +++ b/nixos/mirai/services/immich.nix @@ -1,5 +1,5 @@ {...}: { services.immich = { - enable = true; + enable = false; }; }