From 2d03954a9fa0a1e44a91d76e36395c275ae8ad3b Mon Sep 17 00:00:00 2001
From: mjallen18 <matt.l.jallen@gmail.com>
Date: Sun, 14 Dec 2025 22:54:01 -0600
Subject: [PATCH] mkModule migration begin

---
 modules/nixos/services/authentik/default.nix | 29 ++++++++++----------
 systems/x86_64-linux/jallen-nas/apps.nix     |  7 ++++-
 2 files changed, 21 insertions(+), 15 deletions(-)

diff --git a/modules/nixos/services/authentik/default.nix b/modules/nixos/services/authentik/default.nix
index 0fa8176..cfec5a8 100644
--- a/modules/nixos/services/authentik/default.nix
+++ b/modules/nixos/services/authentik/default.nix
@@ -8,6 +8,7 @@ with lib;
 let
   name = "authentik";
   cfg = config.${namespace}.services.${name};
+  cfgRac = config.${namespace}.services."authentikRac";
 
   authentikConfig = lib.${namespace}.mkModule {
     inherit config name;
@@ -26,17 +27,6 @@ let
           enable = mkDefault true;
           port = mkDefault 6379;
         };
-        
-        # postgresql = {
-        #   enable = mkDefault true;
-        #   ensureDatabases = [ name ];
-        #   ensureUsers = [
-        #     {
-        #       name = name;
-        #       ensureDBOwnership = true;
-        #     }
-        #   ];
-        # };
       };
 
       # Open firewall for authentik if enabled
@@ -48,11 +38,19 @@ let
           4822
         ];
       };
+    };
+  };
 
-      virtualisation.oci-containers.containers.authentik_rac = {
+  authentikRacConfig = lib.${namespace}.mkModule {
+    inherit config;
+    name = "authentikRac";
+    description = "authentik_rac Service";
+    options = { };
+    moduleConfig = {
+      virtualisation.oci-containers.containers."authenticRac" = {
         autoStart = true;
         image = "ghcr.io/goauthentik/rac";
-        ports = [ "4822:4822" ];
+        ports = [ "${toString cfgRac.port}:4822" ];
         volumes = [
           "${cfg.configDir}/authentik-rac:/media"
         ];
@@ -69,5 +67,8 @@ let
   };
 in
 {
-  imports = [ authentikConfig ];
+  imports = [
+    authentikConfig
+    authentikRacConfig
+  ];
 }
diff --git a/systems/x86_64-linux/jallen-nas/apps.nix b/systems/x86_64-linux/jallen-nas/apps.nix
index 7973c3e..292fc67 100755
--- a/systems/x86_64-linux/jallen-nas/apps.nix
+++ b/systems/x86_64-linux/jallen-nas/apps.nix
@@ -28,10 +28,15 @@ in
       };
       authentik = {
         enable = true;
-        # configureDb = true;
+        configureDb = true;
         port = 9000;
         environmentFile = "/run/secrets/jallen-nas/authentik-env";
       };
+      authentikRac = {
+        enable = true;
+        port = 4822;
+        # environmentFile = "/run/secrets/jallen-nas/authentik-env"; # TODO
+      };
       calibre = {
         enable = true;
         port = 8084;