apparently we don't need adminsGroup
This commit is contained in:
cl0vrfi3ld
@@ -16,7 +16,6 @@ let
|
|||||||
redirect-uri = "${full-domain}/openid/callback";
|
redirect-uri = "${full-domain}/openid/callback";
|
||||||
landing-uri = "${full-domain}/login";
|
landing-uri = "${full-domain}/login";
|
||||||
oauthDiscoveryURL = auth-passthru.oauth2-discovery-url oauthClientID;
|
oauthDiscoveryURL = auth-passthru.oauth2-discovery-url oauthClientID;
|
||||||
adminsGroup = "sp.${oauthClientID}.admins";
|
|
||||||
usersGroup = "sp.${oauthClientID}.users";
|
usersGroup = "sp.${oauthClientID}.users";
|
||||||
|
|
||||||
linuxUserOfService = "actual";
|
linuxUserOfService = "actual";
|
||||||
@@ -205,7 +204,7 @@ in
|
|||||||
# OIDC for Actual is currently in beta and requires legacy cryptography algorithms
|
# OIDC for Actual is currently in beta and requires legacy cryptography algorithms
|
||||||
services.kanidm.provision.systems.oauth2."${oauthClientID}".enableLegacyCrypto = true;
|
services.kanidm.provision.systems.oauth2."${oauthClientID}".enableLegacyCrypto = true;
|
||||||
selfprivacy.auth.clients."${oauthClientID}" = {
|
selfprivacy.auth.clients."${oauthClientID}" = {
|
||||||
inherit adminsGroup usersGroup;
|
inherit usersGroup;
|
||||||
imageFile = ./icon-lg.svg;
|
imageFile = ./icon-lg.svg;
|
||||||
displayName = "Actual";
|
displayName = "Actual";
|
||||||
subdomain = cfg.subdomain;
|
subdomain = cfg.subdomain;
|
||||||
|
|||||||
Reference in New Issue
Block a user