From 7381a17f876d897d4d397092d1361d0e38240742 Mon Sep 17 00:00:00 2001
From: soraefir <soraefir+git@helcel>
Date: Wed, 13 May 2026 22:26:18 +0200
Subject: [PATCH] fix ldap

---
 modules/server/containers/apps/authentik.nix       | 4 +---
 modules/server/containers/data/authentik/ldap.yaml | 2 +-
 2 files changed, 2 insertions(+), 4 deletions(-)

diff --git a/modules/server/containers/apps/authentik.nix b/modules/server/containers/apps/authentik.nix
index 2f0f719..cc5d6fa 100644
--- a/modules/server/containers/apps/authentik.nix
+++ b/modules/server/containers/apps/authentik.nix
@@ -27,7 +27,6 @@ in {
     server = builder.mkContainer {
       subdomain = containerCfg.subdomain;
       image = "ghcr.io/goauthentik/server:${version}";
-      port = 9000;
       secret = name;
       extraEnv = {
         AUTHENTIK_REDIS__HOST = builder.host;
@@ -47,7 +46,6 @@ in {
       };
       overrides = {
         cmd = [ "server" ];
-        ports = if containerCfg.port!=null then [ "${toString containerCfg.port}:9000" ] else [];
         volumes = [
           "${serverCfg.configPath}/authentik/media:/media"
           "${serverCfg.configPath}/authentik/templates:/templates"
@@ -82,7 +80,7 @@ in {
       image = "ghcr.io/goauthentik/ldap:${version}";
       secret = name;
       extraEnv = {
-        "AUTHENTIK_HOST" = "http://${builder.host}:9000"; 
+        "AUTHENTIK_HOST" = "http://authentik-server:9000"; 
         "AUTHENTIK_INSECURE" = "false"; 
       };
       overrides = {
diff --git a/modules/server/containers/data/authentik/ldap.yaml b/modules/server/containers/data/authentik/ldap.yaml
index a793946..f741698 100644
--- a/modules/server/containers/data/authentik/ldap.yaml
+++ b/modules/server/containers/data/authentik/ldap.yaml
@@ -6,7 +6,7 @@ entries:
     identifiers:
       name: ldap-provider
     attrs:
-      base_dn: "DC=ldap,@AUTHENTIK_LDAP_DC_DOMAIN@"
+      base_dn: "@AUTHENTIK_LDAP_DC_DOMAIN@"
       search_group: null
       authorization_flow:
         !Find [