From 9c50691ede84ad83e1d7fa4dc3334f38cee08630 Mon Sep 17 00:00:00 2001
From: Bruno BELANYI <bruno@belanyi.fr>
Date: Sat, 28 Dec 2024 13:28:03 -0500
Subject: [PATCH] nixos: services: nginx: sso: use upstream module

It's finally been merged, so let's get rid of this module.
---
 modules/nixos/services/nginx/default.nix     |  4 -
 modules/nixos/services/nginx/sso/default.nix | 84 --------------------
 2 files changed, 88 deletions(-)
 delete mode 100644 modules/nixos/services/nginx/sso/default.nix

diff --git a/modules/nixos/services/nginx/default.nix b/modules/nixos/services/nginx/default.nix
index 3bba9f4..cb27604 100644
--- a/modules/nixos/services/nginx/default.nix
+++ b/modules/nixos/services/nginx/default.nix
@@ -87,10 +87,6 @@ let
   });
 in
 {
-  imports = [
-    ./sso
-  ];
-
   options.my.services.nginx = with lib; {
     enable = mkEnableOption "Nginx";
 
diff --git a/modules/nixos/services/nginx/sso/default.nix b/modules/nixos/services/nginx/sso/default.nix
deleted file mode 100644
index d60e31b..0000000
--- a/modules/nixos/services/nginx/sso/default.nix
+++ /dev/null
@@ -1,84 +0,0 @@
-# I must override the module to allow having runtime secrets
-{ config, lib, pkgs, utils, ... }:
-let
-  cfg = config.services.nginx.sso;
-  pkg = lib.getBin cfg.package;
-  confPath = "/var/lib/nginx-sso/config.json";
-in
-{
-  disabledModules = [ "services/security/nginx-sso.nix" ];
-
-
-  options.services.nginx.sso = with lib; {
-    enable = mkEnableOption "nginx-sso service";
-
-    package = mkOption {
-      type = types.package;
-      default = pkgs.nginx-sso;
-      defaultText = "pkgs.nginx-sso";
-      description = ''
-        The nginx-sso package that should be used.
-      '';
-    };
-
-    configuration = mkOption {
-      type = types.attrsOf types.unspecified;
-      default = { };
-      example = literalExample ''
-        {
-          listen = { addr = "127.0.0.1"; port = 8080; };
-
-          providers.token.tokens = {
-            myuser = "MyToken";
-          };
-
-          acl = {
-            rule_sets = [
-              {
-                rules = [ { field = "x-application"; equals = "MyApp"; } ];
-                allow = [ "myuser" ];
-              }
-            ];
-          };
-        }
-      '';
-      description = ''
-        nginx-sso configuration
-        (<link xlink:href="https://github.com/Luzifer/nginx-sso/wiki/Main-Configuration">documentation</link>)
-        as a Nix attribute set.
-      '';
-    };
-  };
-
-  config = lib.mkIf cfg.enable {
-    systemd.services.nginx-sso = {
-      description = "Nginx SSO Backend";
-      after = [ "network.target" ];
-      wantedBy = [ "multi-user.target" ];
-      serviceConfig = {
-        StateDirectory = "nginx-sso";
-        WorkingDirectory = "/var/lib/nginx-sso";
-        # The files to be merged might not have the correct permissions
-        ExecStartPre = pkgs.writeShellScript "merge-nginx-sso-config" ''
-          rm -f '${confPath}'
-          ${utils.genJqSecretsReplacementSnippet cfg.configuration confPath}
-        '';
-        ExecStart = lib.mkForce ''
-          ${lib.getExe pkg} \
-            --config ${confPath} \
-            --frontend-dir ${pkg}/share/frontend
-        '';
-        Restart = "always";
-        User = "nginx-sso";
-        Group = "nginx-sso";
-      };
-    };
-
-    users.users.nginx-sso = {
-      isSystemUser = true;
-      group = "nginx-sso";
-    };
-
-    users.groups.nginx-sso = { };
-  };
-}