From ff880ce1e763d4f3a0a3a56bff9d77a5dea1e18a Mon Sep 17 00:00:00 2001
From: mjallen18 <matt.l.jallen@gmail.com>
Date: Fri, 4 Oct 2024 16:07:51 -0500
Subject: [PATCH] add more authentik

---
 hosts/nas/impermanence.nix          | 6 ++++++
 modules/apps/open-webui/default.nix | 6 ++++++
 2 files changed, 12 insertions(+)

diff --git a/hosts/nas/impermanence.nix b/hosts/nas/impermanence.nix
index 4ff1508..6ba1fa9 100644
--- a/hosts/nas/impermanence.nix
+++ b/hosts/nas/impermanence.nix
@@ -11,6 +11,12 @@
       "/var/lib/systemd/coredump"
       "/etc/NetworkManager/system-connections"
       "/etc/secureboot"
+      {
+        directory = "/var/lib/private/authentik/media";
+        user = "authentik";
+        group = "authentik";
+        mode = "u=rwx,g=rx,o=rx";
+      }
       {
         directory = "/var/lib/colord";
         user = "colord";
diff --git a/modules/apps/open-webui/default.nix b/modules/apps/open-webui/default.nix
index 35df6b6..f2f769a 100644
--- a/modules/apps/open-webui/default.nix
+++ b/modules/apps/open-webui/default.nix
@@ -23,6 +23,12 @@ in
         PUID = cfg.puid;
         PGID = cfg.pgid;
         TZ = cfg.timeZone;
+        OAUTH_CLIENT_ID = "P4YrtPrdwoQkwYs4e5AHQx7xiz4FV6OpT24rjqXa";
+        OAUTH_CLIENT_SECRET = "XpZ1Y9RUMD6FVxBSxg8evHkRYuSUJ3saN99uCFfeNo4Z8vrmnqZBHJQzSSCFig1fgqEYCr3SmcOvCHGHUsz9FJT2aZFlZxKv6bZZpuMQYASHiQtuX2pTVEspiNab3129";
+        OPENID_PROVIDER_URL = "https://authentik.mjallen.dev/application/o/chat/.well-known/openid-configuration";
+        OPENID_PROVIDER_NAME = "authentik";
+        ENABLE_OAUTH_SIGNUP = "true";
+        OAUTH_MERGE_ACCOUNTS_BY_EMAIL = "true";
       };
     };
   };