Enable OIDC for FreshRSS on Tailscale

2025-02-08 22:09:40 +01:00 · 2025-02-08 22:09:40 +01:00 · c69d909b2f
commit c69d909b2f
parent 74c29e3fd0
2 changed files with 1 additions and 12 deletions
--- a/modules/authelia.nix
+++ b/modules/authelia.nix
@ -88,7 +88,7 @@
                  client_secret.path = "/secrets/authelia/freshrss_client_secret";
                  public = false;
                  authorization_policy = "two_factor";
-                  redirect_uris = ["https://rss.kun.is:443/i/oidc/"];
+                  redirect_uris = ["https://freshrss.griffin-mermaid.ts.net/i/oidc/"];
                  scopes = ["openid" "groups" "email" "profile"];
                  userinfo_signed_response_alg = "none";
                  token_endpoint_auth_method = "client_secret_basic";
--- a/modules/freshrss.nix
+++ b/modules/freshrss.nix
@ -84,20 +84,9 @@
          targetPort = "web";
        };
      };
-
-      ingresses.freshrss.metadata.annotations."traefik.ingress.kubernetes.io/router.middlewares" = "kube-system-forwardauth-authelia@kubernetescrd";
    };

    lab = {
-      ingresses.freshrss = {
-        host = "rss.kun.is";
-
-        service = {
-          name = "server";
-          portName = "web";
-        };
-      };
-
      tailscaleIngresses.tailscale = {
        host = "freshrss";
        service.name = "server";