From e79af804f103a858dde2e5208a5c9ef5d7a0fdd0 Mon Sep 17 00:00:00 2001
From: Inex Code
Date: Fri, 28 Mar 2025 17:08:37 +0300
Subject: [PATCH] feat: Allow services to communicate with Kanidm even when there is no DNS record yet

---
 auth/auth.nix | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/auth/auth.nix b/auth/auth.nix
index 246a09d..75da8f5 100644
--- a/auth/auth.nix
+++ b/auth/auth.nix
@@ -100,6 +100,12 @@ lib.mkIf config.selfprivacy.sso.enable {
 )
 ];
 
+ networking.hosts = {
+ # Allow the services to communicate with kanidm even if
+ # there is no DNS record yet
+ "127.0.0.1" = [ auth-fqdn ];
+ };
+
 # kanidm uses TLS in internal connection with nginx too
 # FIXME revise this: maybe kanidm must not have access to a public TLS