From 115ca9f4f00445edc3fb0940a0d9369c6fac86cb Mon Sep 17 00:00:00 2001
From: eyjhb <eyjhbb@gmail.com>
Date: Fri, 9 Aug 2024 22:11:21 +0200
Subject: [PATCH] gerd.authelia: add example forgejo configuration

---
 machines/gerd/services/authelia.nix | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)

diff --git a/machines/gerd/services/authelia.nix b/machines/gerd/services/authelia.nix
index 61a6088..16101c3 100644
--- a/machines/gerd/services/authelia.nix
+++ b/machines/gerd/services/authelia.nix
@@ -51,6 +51,29 @@ in {
     };
   };
 
+  # example configuration for forgejo. Should live in forgejo.nix if needed
+  # services.authelia.instances.main.settings.identity_providers.oidc.clients = [{
+  #   id = "forgejo";
+  #   description = "Forgejo";
+
+  #   # authelia crypto hash generate pbkdf2 --variant sha512 --random --random.length 72 --random.charset rfc3986
+  #   secret = "$pbkdf2-sha512$310000$cOGtLwMHyfugAJCIiUUjfQ$ao7zC8QB1m8aTGNf1dxYbRAPivZ0G1eaJ4bNFVfJiTFZX06U5baBjT0emvoaeFHXMFbYHzorb2/8vxnY/D0b5Q";
+
+  #   public = false;
+  #   authorization_policy = "one_factor";
+  #   redirect_uris = [ "https://git.fricloud.dk/user/oauth2/authelia/callback" ];
+  #   scopes = [
+  #     "openid"
+  #     "email"
+  #     "profile"
+  #   ];
+
+  #   userinfo_signing_algorithm = "none";
+  #   # userinfo_signed_response_alg = "none";
+  #   # token_endpoint_auth_method = "client_secret_basic";
+  # }];
+
+
   services.nginx.virtualHosts."auth.fricloud.dk" = {
     forceSSL = true;
     enableACME = true;