remove headscale oidc

2025-01-16 22:08:27 +02:00
parent 2e622769d8
commit 6f34e0a4e4
3 changed files with 0 additions and 24 deletions
--- a/hosts/fwminex/configuration.nix
+++ b/hosts/fwminex/configuration.nix
@@ -17,7 +17,6 @@ in
    motiejus-server-passwd-hash.file = ../../secrets/motiejus_server_passwd_hash.age;
    root-server-passwd-hash.file = ../../secrets/root_server_passwd_hash.age;
    sasl-passwd.file = ../../secrets/postfix_sasl_passwd.age;
-    headscale-client-oidc.file = ../../secrets/headscale/oidc_client_secret2.age;
    borgbackup-password.file = ../../secrets/fwminex/borgbackup-password.age;
    grafana-oidc.file = ../../secrets/grafana.jakstys.lt/oidc.age;
    letsencrypt-account-key.file = ../../secrets/letsencrypt/account.key.age;
@@ -484,7 +483,6 @@ in

      headscale = {
        enable = true;
-        clientOidcPath = config.age.secrets.headscale-client-oidc.path;
        subnetCIDR = myData.subnets.tailscale.cidr;
      };

--- a/modules/services/headscale/default.nix
+++ b/modules/services/headscale/default.nix
@@ -7,7 +7,6 @@
 {
  options.mj.services.headscale = with lib.types; {
    enable = lib.mkEnableOption "Enable headscale";
-    clientOidcPath = lib.mkOption { type = str; };
    subnetCIDR = lib.mkOption { type = str; };
  };

@@ -38,11 +37,6 @@
            # https://github.com/juanfont/headscale/issues/2210
            base_domain = "jakst.vpn";
          };
-          oidc = {
-            issuer = "https://git.jakstys.lt/";
-            client_id = "e25c15ea-41ca-4bf0-9ebf-2be9f2d1ccea";
-            client_secret_path = "\${CREDENTIALS_DIRECTORY}/oidc-client-secret";
-          };
        };
      };

@@ -56,9 +50,6 @@
      # is higher.
      unitConfig.StartLimitBurst = 50;
      serviceConfig.RestartSec = 1;
-      serviceConfig.LoadCredential = [
-        "oidc-client-secret:${config.mj.services.headscale.clientOidcPath}"
-      ];
    };
  };
 }
--- a/secrets/headscale/oidc_client_secret2.age
+++ b/secrets/headscale/oidc_client_secret2.age
@@ -1,13 +0,0 @@
-age-encryption.org/v1
-> ssh-ed25519 fqSa6A zBE91VMJiFQqtIOo9wc70kHIb+ISugITzIbtXzbnMV4
-3suBck77JiCRiEzxMHoMEVgug05s8fV4gurwNS/I26A
-> X25519 WXDyIdP1lV0IaoW5okBVQphu0GHAxNhCCS/5uxgp2Cs
-h5rXmCKC6tFEw8ZJ84TbKY80np0eTqjg60Sbb0waiJU
-> X25519 PpHRfpv7p9HWPFBxO42D/3//0eiQmFLwHK6OPwZsRnI
-rcyeqQ0o9cqRNU/CcpxnX/gIkm5mwbI8IleQrwcW6dI
-> piv-p256 +y2G/w AqNviaDjTA/B8NAnqMkMoxTSnD9BC2BFshRWBIQc+49J
-meE2k1uR3DURxfkSluCy5Qlm1TpaAggE5p6qf+Ozkzs
-> piv-p256 jNqd3A ApGmH6rAxjCU3DPPgQQf/QZZQ/BCHrSElNYM8+3GQ7bN
-6DVAgICf2NHCvAJVcNZiN8Wv5CXO26m7zFN/6NVgAu0
--- rtgu3vdqhJS07cH6kotCS9Pjbs5z/JujFYcKNKbLzEc
-&F<11>Lh吏<68>~<1F><>x<><78><EFBFBD>=T<18>X<EFBFBD><58>U4<55>)]<5D>}{zL_c"<22>3<EFBFBD><33><EFBFBD><EFBFBD>,<2C>)~<7E><><EFBFBD>7B<08>'<16>¯<EFBFBD>H<EFBFBD><48>J<EFBFBD><4A>Ft ю<13>=<3D>I<EFBFBD><49><EFBFBD>d