Alexander Tomokhov
|
3a8a3dfc95
|
fix auth meta: add meta to flake.nix and icon.svg
|
2025-02-01 18:36:01 +04:00 |
|
Alexander Tomokhov
|
70a946cc66
|
auth: add meta to all options
|
2025-01-31 14:37:58 +04:00 |
|
Alexander Tomokhov
|
89e7145a01
|
auth: replace useless oauth2-introspection-url with prefix/postfix parts
oauth2-introspection-url is useless, because it would contain OAuth
client secret right in the URL. OAuth clients contruct URLs on its own.
|
2025-01-31 14:26:58 +04:00 |
|
Alexander Tomokhov
|
2ed4cc0dee
|
passthru.selfprivacy.auth.admins-group = "sp.admins"
|
2025-01-25 23:20:00 +04:00 |
|
Alexander Tomokhov
|
d008fbcc17
|
auth: sp.full_users group
|
2025-01-25 01:24:28 +04:00 |
|
Alexander Tomokhov
|
ed10508ed9
|
auth: create sp.selfprivacy-api.service-account
|
2025-01-17 16:09:25 +04:00 |
|
Alexander Tomokhov
|
a45cf792e5
|
fix(auth): rename oauth2-provider-name
|
2025-01-17 15:58:51 +04:00 |
|
Alexander Tomokhov
|
7f9f7a4db2
|
fix auth: sp.{service}.admins groups provisioning
|
2025-01-17 15:56:47 +04:00 |
|
Alexander Tomokhov
|
bc8f998176
|
fix(auth): debug and enable options
|
2025-01-17 15:56:47 +04:00 |
|
Alexander Tomokhov
|
c127145425
|
feat(auth,roundcube): members of sp.admins group become admins
|
2025-01-17 15:56:47 +04:00 |
|
Alexander Tomokhov
|
f07b867af2
|
security: harden some SP modules NixOS config evaluation permissions
|
2025-01-17 15:56:47 +04:00 |
|
Alexander Tomokhov
|
3a904f599e
|
chore: restructure LDAP related nix files
|
2025-01-17 15:56:47 +04:00 |
|
Alexander Tomokhov
|
5d76f456c1
|
auth: ldap-dovecot.nix, clean code
|
2025-01-17 15:56:47 +04:00 |
|
Alexander Tomokhov
|
ad6d3d6970
|
WIP: LDAP: Dovecot&Postfix works, but Postfix sends to 25 port
|
2025-01-17 15:56:47 +04:00 |
|
Alexander Tomokhov
|
b5de64105c
|
kanidm 1.4.0
|
2025-01-17 15:56:47 +04:00 |
|
Alexander Tomokhov
|
f388e18ef0
|
minimal kanidm setup
Only Roundcube and Dovecot communicate with Kanidm.
|
2025-01-17 15:56:47 +04:00 |
|