Add authentik

2025-02-05 21:08:52 +01:00 · 2025-02-05 21:08:52 +01:00 · a3d887ef8d
parent b9d6ff7e10
commit a3d887ef8d
3 changed files with 48 additions and 1 deletions
--- a/roles/authentik.nix
+++ b/roles/authentik.nix
@ -0,0 +1,46 @@
+{
+  name = "Authentik";
+  description = ''
+    SSO provider
+  '';
+
+  traefikRoutes =
+    {
+      host,
+      ...
+    }:
+    let
+      hostname = host.hostname;
+      config = host.config.authentik;
+    in
+    [
+      {
+        name = "${hostname}-authentik";
+        rule = "Host(`${config.domain}`)";
+        # TODO: Change port
+        target = "http://${host.ip}:PORTHERE";
+      }
+    ];
+
+  nixosModule =
+    { lib, ... }:
+    {
+      options.authentik = {
+        domain = lib.mkOption {
+          type = lib.types.str;
+        };
+      };
+
+      config = {
+        # Enable the sonarr service
+        services.sonarr = {
+          enable = true;
+          openFirewall = true;
+          group = "media";
+        };
+
+        # Ensure that the media group exists
+        users.groups.media = { };
+      };
+    };
+}
--- a/roles/default.nix
+++ b/roles/default.nix
@ -5,4 +5,5 @@
 {
  sonarr = utils.mkRole (import ./sonarr.nix);
  traefik = utils.mkRole (import ./traefik.nix);
+  authentik = utils.mkRole (import ./authentik.nix);
 }
--- a/roles/sonarr.nix
+++ b/roles/sonarr.nix
@ -26,7 +26,7 @@
    {
      options.sonarr = {
        domain = lib.mkOption {
-          type = lib.types.listOf lib.types.str;
+          type = lib.types.str;
        };
      };