From a8c8740b1436803116db68c8be59f40e0a165124 Mon Sep 17 00:00:00 2001
From: soraefir <soraefir+git@helcel>
Date: Wed, 6 May 2026 01:21:01 +0200
Subject: [PATCH] Fix db pointer

---
 modules/server/containers/default.nix        | 17 +++++++----------
 modules/server/containers/defs/authentik.nix | 17 ++++-------------
 2 files changed, 11 insertions(+), 23 deletions(-)

diff --git a/modules/server/containers/default.nix b/modules/server/containers/default.nix
index 7bb726d..7f63352 100644
--- a/modules/server/containers/default.nix
+++ b/modules/server/containers/default.nix
@@ -11,20 +11,17 @@ let
 in
 {
   config = lib.mkIf ( enabledConfigs != {} ) {
+    virtualisation.containers.containersConf.settings = {
+      containers = {
+        host_containers_internal = true;
+        additional_hosts = [ "host.internal:host-gateway" ];
+      };
+    };
+
     virtualisation.oci-containers = {
       backend = "podman";
       containers = mergedContainers;
     };
 
-    # systemd.services.init-podman-network = {
-    #   description = "Create Podman network with subnet";
-    #   after = [ "network.target" ];
-    #   wantedBy = [ "multi-user.target" ];
-    #   serviceConfig.Type = "oneshot";
-    #   script = ''
-    #     ${pkgs.podman}/bin/podman network inspect podnet || \
-    #     ${pkgs.podman}/bin/podman network create --subnet=10.88.0.0/16 podnet
-    #   '';
-    # };
   };
 }
\ No newline at end of file
diff --git a/modules/server/containers/defs/authentik.nix b/modules/server/containers/defs/authentik.nix
index 320ed8b..aebcf5f 100644
--- a/modules/server/containers/defs/authentik.nix
+++ b/modules/server/containers/defs/authentik.nix
@@ -6,12 +6,6 @@ in {
     "d ${serverCfg.dataPath}/authentik/template 0755 root root -"
   ];
   containers = {
-    auth_redis = {
-      image = "redis:alpine";
-      hostname = "auth_redis";
-      volumes = [ ];
-      environment = { };
-    };
 
     auth_server = {
       image = "ghcr.io/goauthentik/server:latest";
@@ -21,10 +15,9 @@ in {
         "${serverCfg.dataPath}/authentik/templates:/templates"
       ];
       environment = {
-        "AUTHENTIK_REDIS__HOST" = "auth_redis";
-        "AUTHENTIK_POSTGRESQL__HOST" = "auth_postgresql";
-        "AUTHENTIK_POSTGRESQL__USER" = "authentik";
-        "AUTHENTIK_POSTGRESQL__NAME" = "authentik";
+        "AUTHENTIK_POSTGRESQL__HOST" = "host.internal";
+        "AUTHENTIK_POSTGRESQL__USER" = "authentik_user";
+        "AUTHENTIK_POSTGRESQL__NAME" = "authentik_db";
         "AUTHENTIK_POSTGRESQL__PASSWORD" = "AUTHENTIK_DB_PASSWORD";
         "AUTHENTIK_SECRET_KEY" = "AUTHENTIK_SECRET_KEY";
         "AUTHENTIK_EMAIL__HOST" = "${serverCfg.mailDomain}";
@@ -45,7 +38,6 @@ in {
       };
       cmd = [ "server" ];
       extraOptions = [
-        # "--network=portnet"
         "--ip=${containerCfg.ip}"
       ];
       ports = [
@@ -62,8 +54,7 @@ in {
         "/var/run/docker.sock:/var/run/docker.sock"
       ];
       environment = {
-        "AUTHENTIK_REDIS__HOST" = "auth_redis";
-        "AUTHENTIK_POSTGRESQL__HOST" = "auth_postgresql";
+        "AUTHENTIK_POSTGRESQL__HOST" = "host.internal";
         "AUTHENTIK_POSTGRESQL__USER" = "authentik_user";
         "AUTHENTIK_POSTGRESQL__NAME" = "authentik_db";
         "AUTHENTIK_POSTGRESQL__PASSWORD" = "AUTHENTIK_DB_PASSWORD";