nix-config/hosts/auth
Sandro - bd577d16dc
auth: remove unused arg
2023-08-23 23:44:30 +02:00
..
README.md Add some documentation 2022-12-25 23:57:01 +01:00
default.nix auth: remove unused arg 2023-08-23 23:44:30 +02:00
secrets.yaml sops updatekeys 2023-08-09 00:44:38 +02:00

README.md

Design

We are using portunus to manage an OpenLDAP server and currently dex to offer OIDC. Dex might be replaced in the future with an equivalent solution that can remember sessions to have true SSO. New services should use OAuth/OIDC if possible to lay the groundwork for SSO. If the application only support LDAP, that is also fine to use.

How to use it

See the grafana configuration to see an example on how to use OAuth. To create a new application edit the dex configuration next to portunus. The aplication credentials are saved in sops.

For an exmaple ldap configuration see the gitea, hydra or mailtngbert. The ldap settings are documented in portunus in detail. To connect to auth.c3d2.de the nixos-modules option services.portunus.addToHosts should be set to true.