mkModule migration begin

modules/nixos/services/authentik/default.nix

@@ -8,6 +8,7 @@ with lib;
 let
   name = "authentik";
   cfg = config.${namespace}.services.${name};
+  cfgRac = config.${namespace}.services."authentikRac";
 
   authentikConfig = lib.${namespace}.mkModule {
     inherit config name;
@@ -26,17 +27,6 @@ let
           enable = mkDefault true;
           port = mkDefault 6379;
         };
-        
-        # postgresql = {
-        #   enable = mkDefault true;
-        #   ensureDatabases = [ name ];
-        #   ensureUsers = [
-        #     {
-        #       name = name;
-        #       ensureDBOwnership = true;
-        #     }
-        #   ];
-        # };
       };
 
       # Open firewall for authentik if enabled
@@ -48,11 +38,19 @@ let
           4822
         ];
       };
+    };
+  };
 
-      virtualisation.oci-containers.containers.authentik_rac = {
+  authentikRacConfig = lib.${namespace}.mkModule {
+    inherit config;
+    name = "authentikRac";
+    description = "authentik_rac Service";
+    options = { };
+    moduleConfig = {
+      virtualisation.oci-containers.containers."authenticRac" = {
         autoStart = true;
         image = "ghcr.io/goauthentik/rac";
-        ports = [ "4822:4822" ];
+        ports = [ "${toString cfgRac.port}:4822" ];
         volumes = [
           "${cfg.configDir}/authentik-rac:/media"
         ];
@@ -69,5 +67,8 @@ let
   };
 in
 {
-  imports = [ authentikConfig ];
+  imports = [
+    authentikConfig
+    authentikRacConfig
+  ];
 }

systems/x86_64-linux/jallen-nas/apps.nix

@@ -28,10 +28,15 @@ in
       };
       authentik = {
         enable = true;
-        # configureDb = true;
+        configureDb = true;
         port = 9000;
         environmentFile = "/run/secrets/jallen-nas/authentik-env";
       };
+      authentikRac = {
+        enable = true;
+        port = 4822;
+        # environmentFile = "/run/secrets/jallen-nas/authentik-env"; # TODO
+      };
       calibre = {
         enable = true;
         port = 8084;