thary/sp-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
479 Commits 1 Branch 0 Tags
7135f5b6bdec5829b51bd056822239a2733d3c14
Commit Graph

479 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Alexander Tomokhov
5cc23464d5 fix forgejo,auth: OAuth client secret filepath 2025-04-17 13:20:07 +04:00
Alexander Tomokhov
56a56b67b4 auth: add imageFile option 2025-04-17 13:20:07 +04:00
Alexander Tomokhov
1f67bb5a85 fix assertion message in sp-modules/simple-nixos-mailserver/config.nix 2025-04-17 13:20:07 +04:00
Inex Code
a38d426c19 chore: Update API 2025-04-14 17:14:27 +03:00
Inex Code
6f84778527 chore: Update API 2025-04-14 14:40:23 +03:00
nhnn
b605d07b52 feat: Vikunja to-do app (#128) 
Vikunja is fast self-hostable to-do app.

Reviewed-on: https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-config/pulls/128
Reviewed-by: Inex Code <inex.code@selfprivacy.org>
Co-authored-by: nhnn <nhnn@nhnn.dev>
Co-committed-by: nhnn <nhnn@nhnn.dev>
 2025-04-14 14:32:42 +03:00
Alexander Tomokhov
0fdcf8a791 nextcloud,auth: disable integration with Kanidm when sso is disabled 2025-04-12 15:57:01 +04:00
Alexander Tomokhov
9d7fa8ec7d clean auth/auth.nix and auth/auth-module.nix 2025-04-12 11:06:47 +04:00
Alexander Tomokhov
63ce4d9143 fix auth: name of /run/keys/* folder equals to linux group name 2025-04-11 21:25:11 +04:00
Alexander Tomokhov
b87c37afa2 auth: rewrite /run/keys/* creation to tmpfiles.d 2025-04-11 19:36:11 +04:00
Alexander Tomokhov
a5f497d9cf fix forgejo,auth: wait until OAuth2 discovery URL is online 
Previously, Forgejo systemd service failed quickly, because kanidm
reports a notice to systemd before discovery URL is ready.
 2025-04-11 14:07:40 +04:00
Inex Code
54bb84ca46 chore: Fix API not handling unfree licenses 2025-04-08 13:21:54 +03:00
Inex Code
84461021d7 chore: Update API 2025-04-08 11:50:26 +03:00
Alexander Tomokhov
5e3bb329bd autoUpgrade: change hardcoded selfprivacy-nixos-config git ref to "sso" 2025-04-07 01:08:11 +04:00
Alexander Tomokhov
010c11ade0 redirect stderr to systemd journal in sp-nixos-* modules 2025-04-04 16:38:00 +04:00
Inex Code
f516d2e722 chore: Update Nextcloud to version 30 2025-03-31 19:37:38 +03:00
Alexander Tomokhov
74d7f7ef43 dovecot:auth: fix OAuth client secret generation 2025-03-29 03:59:56 +04:00
Inex Code
339dafb3fd fix: Password email auth was broken 2025-03-29 01:13:00 +03:00
Alexander Tomokhov
c118802155 roundcube:auth: fix OAuth client secret generation and copy order 2025-03-29 01:35:00 +04:00
Inex Code
f3593156dc fix: Turn on email SSO by default 2025-03-28 23:47:38 +03:00
Alexander Tomokhov
a10d9cdfb9 forgejo:auth: fix recognition of an admin user 2025-03-29 00:44:10 +04:00
Inex Code
537d916ea9 fix: Presumably unused secrets file for Nextcloud 2025-03-28 23:17:47 +03:00
Inex Code
11da3e69ce fix: API was confused by empty persons list 2025-03-28 22:50:29 +03:00
Inex Code
71b73b02d4 chore: Use sso branch during server upgrades 2025-03-28 22:13:31 +03:00
Inex Code
882e24fba0 fix: API reported old version of itself 2025-03-28 21:53:07 +03:00
nhnn
4dd08c942a fix: disable root login using password 2025-03-28 21:35:40 +03:00
Inex Code
0f605401a8 fix: Ecxlude DeSEC from dns propagation check exceptions 2025-03-28 21:35:28 +03:00
Inex Code
c2e1fa41e9 refactor: rename accessGroup to userGroup 2025-03-28 17:41:04 +03:00
Inex Code
a2d184a62c chore: Use the recent beta build of SelfPrivacy API 2025-03-28 17:24:45 +03:00
Inex Code
cdcc40d2a7 feat: Disallow access to /internal path of API 2025-03-28 17:23:54 +03:00
Inex Code
d902a0f3f6 feat: allow plain login to dovecot 
The password backend is provided by SelfPrivacy API module at the moment
 2025-03-28 17:23:41 +03:00
Inex Code
fa9cd82739 fix: roundcube metadata 2025-03-28 17:21:08 +03:00
Inex Code
2b4a9e1f90 refactor: Remove redundant subdomain form ocrerv 2025-03-28 17:19:36 +03:00
Inex Code
aedc1a4297 fix: Nextcloud metadata 2025-03-28 17:18:16 +03:00
Inex Code
c528ea129f feat: Add SSO field to Forgeo SP mdoule metadata 2025-03-28 17:16:01 +03:00
Inex Code
3144e384a6 fix: Forgejo metadata 2025-03-28 17:15:20 +03:00
Inex Code
d08a5e1ba3 fix: Mark 'idm_all_persons' as a known group for provisioning 2025-03-28 17:09:01 +03:00
Inex Code
e79af804f1 feat: Allow services to communicate with Kanidm even when there is no DNS record yet 2025-03-28 17:08:37 +03:00
Inex Code
b571449efe refactor: Disable SSH login using password 2025-03-28 17:08:09 +03:00
Alexander Tomokhov
2ee27353da auth,forgejo: fix originLanding 2025-03-26 15:59:23 +04:00
Alexander Tomokhov
3f95b80c3c auth module: add originLanding option 2025-03-26 15:57:59 +04:00
Alexander Tomokhov
838b5dc204 auth: add missing nixpkgs-2411 input to flake.lock 2025-03-26 14:58:02 +04:00
Alexander Tomokhov
8013f2e394 auth: module for easier integration of new services with Kanidm 
- Forgejo is migrated to this module.
 2025-03-21 16:40:18 +04:00
nhnn
381468ad16 fix: disable root login using password 2025-03-20 12:48:41 +03:00
Alexander Tomokhov
403c4b31b1 refact: auth: variable for generated keys path in auth.nix 2025-03-16 19:50:41 +04:00
Inex Code
6d0271a9fe fix: Ecxlude DeSEC from dns propagation check exceptions 2025-02-13 06:16:05 +03:00
Alexander Tomokhov
c49a93bf9c auth: generate kanidm API token for selfprivacy in /run/keys/... 2025-02-12 15:50:19 +04:00
Alexander Tomokhov
1ff180ad1a add assertions: selfprivacy.sso.enable -> modules.*.enableSso 2025-02-03 02:17:54 +04:00
Alexander Tomokhov
331fa63b33 add options: selfprivacy.sso.enable && selfprivacy.sso.debug 
selfprivacy.sso.enable is true by default.
 2025-02-03 02:17:54 +04:00
Alexander Tomokhov
65548a1e73 SP modules do not depend on selfprivacy.modules.auth 2025-02-03 02:05:05 +04:00