From f7c55f3a5aabb710c3b47f72111b6cd0e8ae73a7 Mon Sep 17 00:00:00 2001 From: soraefir Date: Wed, 13 May 2026 21:48:57 +0200 Subject: [PATCH] Fix Authentik LDAP --- modules/server/containers/apps/jellyfin.nix | 14 +++++++------- modules/server/containers/data/authentik/ldap.yaml | 8 ++------ modules/server/sops/server.yaml | 6 +++--- 3 files changed, 12 insertions(+), 16 deletions(-) diff --git a/modules/server/containers/apps/jellyfin.nix b/modules/server/containers/apps/jellyfin.nix index 0016911..de1ccf1 100644 --- a/modules/server/containers/apps/jellyfin.nix +++ b/modules/server/containers/apps/jellyfin.nix @@ -13,6 +13,13 @@ let }; }; + #LDAP_DC_DOMAIN = "dc=ldap,dc=helcel,dc=net" + #HOST=... + #LDAP_BIND_USER=ldap-sa + #LDAP_BIND_PASSWORD=... + #LDAP_GROUP=flix + #LDAP_ADMIN=admin + in { paths = [ { @@ -58,11 +65,4 @@ in { }; - - #LDAP_DC_DOMAIN = "dc=ldap,dc=helcel,dc=net" - #HOST=... - #LDAP_BIND_USER=ldap-sa - #LDAP_BIND_PASSWORD=... - #LDAP_GROUP=flix - #LDAP_ADMIN=admin } \ No newline at end of file diff --git a/modules/server/containers/data/authentik/ldap.yaml b/modules/server/containers/data/authentik/ldap.yaml index a24b2e9..a793946 100644 --- a/modules/server/containers/data/authentik/ldap.yaml +++ b/modules/server/containers/data/authentik/ldap.yaml @@ -2,7 +2,6 @@ version: 1 metadata: name: Pre-configured LDAP Outpost entries: - # 1. Define the LDAP Provider - model: authentik_providers_ldap.ldapprovider identifiers: name: ldap-provider @@ -17,17 +16,14 @@ entries: invalidation_flow: !Find [authentik_flows.flow, [slug, default-provider-invalidation-flow]] - # 2. Define the Token with a static Key - model: authentik_core.token identifiers: identifier: ldap-outpost-static-token attrs: intent: api - # MANDATORY: Explicitly set your long, secure pre-shared token here - key: !Env AUTHENTIK_LDAP - user: 1 # Assigns to default akadmin user + key: !Env AUTHENTIK_TOKEN + user: 1 - # 3. Define the Outpost linking the Provider and the Token - model: authentik_outposts.outpost identifiers: name: LDAP Outpost diff --git a/modules/server/sops/server.yaml b/modules/server/sops/server.yaml index 9dba00c..63f0762 100644 --- a/modules/server/sops/server.yaml +++ b/modules/server/sops/server.yaml @@ -1,6 +1,6 @@ CUSTOM: ENC[AES256_GCM,data:OVhE99dmudlV31Re2/fyFurXnRSM3RjbdVDxYp6oF4kazaseISlI4QjgIyyUNEAjeAST17Prv/t5GdyTUvoUICoVKmhQdRv5xFeB7ngTCdi7XoYW1r6HIXwz9wOf/UvPWLafSxSM,iv:/ikpvHH5sLZpTnNABUFjZoVLS+tBZSUYIUxxdXMCCcc=,tag:mS9uW33M355KErY1rQtvqQ==,type:str] TRAEFIK: ENC[AES256_GCM,data:Ei+/OL7xwNaOEg3rSaz95N78nvp51lC63XCplNzeD+bBMGcK9G7HoyQxfpaJ7S0MkuMW0ZXT2nJ4GES40GoJCZIrnEiSBm2tpjDfNjlS/rFwxx0wVfM1nsEuBf3pL5dqiCNa9+Lad2Cd,iv:d1MH0ive+E8xuUK0CIOXZeEigHJKVGlFaq0iH4KSbZA=,tag:VTARuNeotr2I0+fdOk+iqA==,type:str] -AUTHENTIK: ENC[AES256_GCM,data:dZ+Kf85ZjaZ82coYNeNOXe5zfD2M9rEeOB6jDNoaKmo3jMABhnha+iBvYJTI2NltkGzymPJQI+JV8F6GdT1l6cqcR8p0nNjQjS1BMk0rR7n8RCp6MazUTJuIjbEq6zEUrA4SXquw5gZDEp4FLo010PhoLaLinHg8OoqzjDsTxdcKevbQWmZeefDBrwXWpz6BlkRIQA3KazVb0w7l1jDTIkozUIWbvtvtk5ccGjzx3b+wCC36QYFcHHtPvFZwMDHzFPVBd90hWc/BwFfvCExONmH0S7GLFTp7I5NsBnWpT0AHUHHc5PlSR2dUy9H2DZ3IkORdNVzOaqESbYKymuWTQBDQuyI9IJdt4Cac0CV9i6p8rFXL6fQyQKZ9djHX8orpyCUeJXqFs8I6et+IzpTeZcmdv/76Q9tomBBi4k4PRMXpeff8Bn02bOSb7RSaj5NVeWxIhZkh3sEXUeva5/yrAYT30mrLpbwzWoCaKrPCPLIcFxvNrYxPUo6kVVz1jSlBurvcKefbreJGqA==,iv:Hj7aBfDLSqRBzueN8b9F9TutpjMESFloqrnirSmnH9U=,tag:1ikt1JvuhIZCx68nh/VzMA==,type:str] +AUTHENTIK: ENC[AES256_GCM,data:hPSf0/iwTK1K1a175PKuuifTHFmWbcgATXRaDII/lwdhKcABurG3csTqu7Yd5wsjHfhz2j+0B0StbEIFtSsOfYW5ZWu3qVUqc7b4/pTLYqDMsyMStGMnXKBn/MBPv6K7LmgtEr1DthpAsFIpflzwuGh4W22prlWX9ulSiNynu2FfmdGvx+ij36abxyVyFd/77pWaGCyoFugddhvYw9jb+wViLebnT01ARW29J23ifU2Zx9gDv0ZULQVBl719AKtwxDj2Q+AFMwHJhT5Ncioqj/DiGkK7pR0kxt7SPJfpm76cWJ8qcmLkWjvVbEjMsEY+k01dlmMdsNG0OxAKy62aQk7q9NjvT1uo+BrabfKuiPnAy1phw5VNScS5BVVC5wKFkCeVhqTqZKel7r9XagyQcQJnC2927T9cI+4sSWfrkbBBHu5p7JNMzoXNLdn5TS2KG53H8/Enin8uRehxq0I3TbM6Rettih3YOHnYLT5hJWxYla/JtFBUVTcNPJXVBZN+wp4Z1drK8gqt0N6eLPZhHpPPafBM/YHQgk4pWPMBAC5MPPdXIPoEv4GfH49CXTRWnCEr9XinMDtkhDy2Ve1IP0KGmkoGGiy3l2AUVZQ6In4P+uCzPhgBeg+LzAtJOIEf49jm5riLvpKaQRw=,iv:N1MJcBzNLf77+cmKP7/ARZrCs1V8pbawQetKkcnd44Y=,tag:9OldKqVeEth17QjIyo97Fw==,type:str] NEXTCLOUD: ENC[AES256_GCM,data:IWitzubILQ5SrGdO3UQZboisqAECt5lXOqHVg4yAKxedG7ZLOgVp6jPV+4VVDC13KEkxIsiYjjNvjqnOXCdYWQIC13YZ+o2IBDI9PgavBB3nmjfi0Q7BVki6C8qCtbM5H9uFlQ3h7rkPyEbE3pHa3dY5uwgdtmvw3qKf2UAZGIJCU7dKamjuTCucGitOEG434jFQik9duHZs7EV3AZrkLXqOfdvftvdpciDb/4/K7h/4uEYSXJ94Lf0b16/NRUcR,iv:1UvcbqC3hJEHU9t6Z+N226DTJEcgM315ynYkxPKpYSM=,tag:FGkXlUw+7LRu1/cpMys7OA==,type:str] COLLABORA: ENC[AES256_GCM,data:cLGEziks5dyxTF1jugfpQE0l0nSkDP7MpROzCxCM94jv49sguA+d/SnY1olE8ZP9iCBnlvbMZyNR7uYo88B92Pmv8wVWfeuhHiHFIXh5aaOxntpt80UMg3Jy,iv:gmFG7C893QPuZ4rEqllAlUpNIXMcGsf9+/QCPLhWLTM=,tag:WpKHCUk6zhQRfFX2d6OPbQ==,type:str] ETHERPAD: ENC[AES256_GCM,data:PSr06GyOgY0HDNC4Hr2XUjbNUszGlfBjxDbrrKNQOqSMSVfZj4iFIGamrS72WO0un4U7IENx0T6CTBN/ELoq7J/+W9zf879uzKWuNaAulLVtBqrUbbqA7hTJpidnveZXzdwZRvlz/bU8kWAmXyhiDb2Q42Sz3BDb6duM3PO1AgG8Ko1pi2IemCPjO3uzudeT8FAlO8NnCUxKgwIKSz8CodOXFVGk66NX4xJd4ycfdNYXvKBNlzt1+WuWsZeZzeWmF7WD2dt4wWA9fWxB90fnth6ZV5LdeXjyYnzwkFOWoyNazgqV4jBv+aXKVwX4fYvspu13cVdrak3gc698bS2N1guDss4A/sfXMbtaYPGm98xXkqz1LP7sXQzKUdZf9sAS9gtOVv2tmg==,iv:uQ0Roe+XefzMjZCF3It+U2D1MWPMT5f6CPwlz0gQ5W0=,tag:wSgp0CVr6Y6M3eqcoTy8cw==,type:str] @@ -29,8 +29,8 @@ sops: S1NaTVFTL0FCdm1EQmRsUnlhclZNZlEKEgIe60qkvY8+UocjQU+WM2dTL/1y3Kqk d4RrlLP9NSozwVsPYI4ntygvMSApbT4v0YvoO7gV90lkGWEvW1YDfA== -----END AGE ENCRYPTED FILE----- - lastmodified: "2026-05-12T23:00:07Z" - mac: ENC[AES256_GCM,data:g2Hbt81av0W6osMC3RcVPPkEPlrIeM4chlbQ1P+FrvxIQGWXvQlypnoYPLLBtfuXgUkASFJGQRM9dyUSvSwJczk3/HBoReZigyJRLNb5sfpF+YFHqplkX5hPDQ8iJDCWjpuIWiU0gH+hphm+V0nwB5o6iqeEkeZv8iIurEL/Des=,iv:hF4zb0fjonge/QmLpiOyghAMBAersVsWrOtk9oKPqbo=,tag:fusPQtNmQXS8u4/VB/L9SQ==,type:str] + lastmodified: "2026-05-13T19:47:52Z" + mac: ENC[AES256_GCM,data:D3KHbDG+hDIaKpNv0VtR5GgpUBe4iI6+19QwPmJb/VU32PfHlMtaYgvVKZ3NjHdLoFfEsHmIGZ+Pl8F0wn56HDCGJ0sbdT9DV6VTCKPik525gNsiDV0QcLALUWx2kxI/Um4gs33TxMIhFk6nldb5ufpNg7rf5I2VUyu8MpHBT+Y=,iv:yt9GStX9nJPo0aW055If1O1U9gPn3mvKwyCcVHxe0nY=,tag:ekXvfCkiQsUiXEKYSFPB1w==,type:str] pgp: - created_at: "2026-05-05T23:46:27Z" enc: |-