nixos: services: nginx: sso: use upstream module

It's finally been merged, so let's get rid of this module.
flake: bump inputs
2024-12-28 13:28:03 -05:00 · 2024-12-28 13:24:21 -05:00
3 changed files with 9 additions and 97 deletions
--- a/flake.lock
+++ b/flake.lock
@ -136,11 +136,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1734808199,
-        "narHash": "sha256-MxlUcLjE8xLbrI1SJ2B2jftlg4wdutEILa3fgqwA98I=",
+        "lastModified": 1735381016,
+        "narHash": "sha256-CyCZFhMUkuYbSD6bxB/r43EdmDE7hYeZZPTCv0GudO4=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "f342df3ad938f205a913973b832f52c12546aac6",
+        "rev": "10e99c43cdf4a0713b4e81d90691d22c6a58bdf2",
        "type": "github"
      },
      "original": {
@ -152,11 +152,11 @@
    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1734424634,
-        "narHash": "sha256-cHar1vqHOOyC7f1+tVycPoWTfKIaqkoe1Q6TnKzuti4=",
+        "lastModified": 1735291276,
+        "narHash": "sha256-NYVcA06+blsLG6wpAbSPTCyLvxD/92Hy4vlY9WxFI1M=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "d3c42f187194c26d9f0309a8ecc469d6c878ce33",
+        "rev": "634fd46801442d760e09493a794c4f15db2d0cbb",
        "type": "github"
      },
      "original": {
@ -177,11 +177,11 @@
        "treefmt-nix": "treefmt-nix"
      },
      "locked": {
-        "lastModified": 1734810357,
-        "narHash": "sha256-Oa6d+y1/PVaPrZ/GYwvmTK9kSrc5Qx/8D3DFN2TzpVA=",
+        "lastModified": 1735408823,
+        "narHash": "sha256-1VjQeMQer5nXNYtw+BG+s78ucaEoxO5oqj+yRmM8MMs=",
        "owner": "nix-community",
        "repo": "NUR",
-        "rev": "e7b7b92a7c97a91f1465ab433bbdf6d00df1db8e",
+        "rev": "8283ea92deac8cdb6fd63ff04049ac9e879bf5eb",
        "type": "github"
      },
      "original": {
--- a/modules/nixos/services/nginx/default.nix
+++ b/modules/nixos/services/nginx/default.nix
@ -87,10 +87,6 @@ let
  });
 in
 {
-  imports = [
-    ./sso
-  ];
-
  options.my.services.nginx = with lib; {
    enable = mkEnableOption "Nginx";

--- a/modules/nixos/services/nginx/sso/default.nix
+++ b/modules/nixos/services/nginx/sso/default.nix
@ -1,84 +0,0 @@
-# I must override the module to allow having runtime secrets
-{ config, lib, pkgs, utils, ... }:
-let
-  cfg = config.services.nginx.sso;
-  pkg = lib.getBin cfg.package;
-  confPath = "/var/lib/nginx-sso/config.json";
-in
-{
-  disabledModules = [ "services/security/nginx-sso.nix" ];
-
-
-  options.services.nginx.sso = with lib; {
-    enable = mkEnableOption "nginx-sso service";
-
-    package = mkOption {
-      type = types.package;
-      default = pkgs.nginx-sso;
-      defaultText = "pkgs.nginx-sso";
-      description = ''
-        The nginx-sso package that should be used.
-      '';
-    };
-
-    configuration = mkOption {
-      type = types.attrsOf types.unspecified;
-      default = { };
-      example = literalExample ''
-        {
-          listen = { addr = "127.0.0.1"; port = 8080; };
-
-          providers.token.tokens = {
-            myuser = "MyToken";
-          };
-
-          acl = {
-            rule_sets = [
-              {
-                rules = [ { field = "x-application"; equals = "MyApp"; } ];
-                allow = [ "myuser" ];
-              }
-            ];
-          };
-        }
-      '';
-      description = ''
-        nginx-sso configuration
-        (<link xlink:href="https://github.com/Luzifer/nginx-sso/wiki/Main-Configuration">documentation</link>)
-        as a Nix attribute set.
-      '';
-    };
-  };
-
-  config = lib.mkIf cfg.enable {
-    systemd.services.nginx-sso = {
-      description = "Nginx SSO Backend";
-      after = [ "network.target" ];
-      wantedBy = [ "multi-user.target" ];
-      serviceConfig = {
-        StateDirectory = "nginx-sso";
-        WorkingDirectory = "/var/lib/nginx-sso";
-        # The files to be merged might not have the correct permissions
-        ExecStartPre = pkgs.writeShellScript "merge-nginx-sso-config" ''
-          rm -f '${confPath}'
-          ${utils.genJqSecretsReplacementSnippet cfg.configuration confPath}
-        '';
-        ExecStart = lib.mkForce ''
-          ${lib.getExe pkg} \
-            --config ${confPath} \
-            --frontend-dir ${pkg}/share/frontend
-        '';
-        Restart = "always";
-        User = "nginx-sso";
-        Group = "nginx-sso";
-      };
-    };
-
-    users.users.nginx-sso = {
-      isSystemUser = true;
-      group = "nginx-sso";
-    };
-
-    users.groups.nginx-sso = { };
-  };
-}
Author	SHA1	Message	Date
Bruno BELANYI	9c50691ede	nixos: services: nginx: sso: use upstream module All checks were successful ci/woodpecker/push/check Pipeline was successful Details It's finally been merged, so let's get rid of this module.	2024-12-28 13:28:03 -05:00
Bruno BELANYI	2996481327	flake: bump inputs	2024-12-28 13:24:21 -05:00