rename oidcEndpoint option to authEndpoint

ibizaman · Nov 30, 2023 · 0ae7220 · 0ae7220
1 parent 54ce26e
commit 0ae7220
Show file tree

Hide file tree

Showing 8 changed files with 25 additions and 24 deletions.
diff --git a/README.md b/README.md
@@ -467,7 +467,7 @@ shb.hledger = {
   enable = true;
   subdomain = "hledger";
   domain = "example.com";
-  oidcEndpoint = "https://authelia.example.com";
+  authEndpoint = "https://authelia.example.com";
   localNetworkIPRange = "192.168.1.0/24";
 };
 shb.backup.instances.hledger = # Same as the examples above
@@ -493,7 +493,7 @@ shb.jellyfin = {
   ldapHost = "127.0.0.1";
   ldapPort = 3890;
   dcdomain = config.shb.ldap.dcdomain;
-  oidcEndpoint = "https://${config.shb.authelia.subdomain}.${config.shb.authelia.domain}";
+  authEndpoint = "https://${config.shb.authelia.subdomain}.${config.shb.authelia.domain}";
   oidcClientID = "jellyfin";
   oidcUserGroup = "jellyfin_user";
   oidcAdminUserGroup = "jellyfin_admin";

diff --git a/modules/blocks/nginx.nix b/modules/blocks/nginx.nix
@@ -19,9 +19,10 @@ let
         example = "mydomain.com";
       };
 
-      oidcEndpoint = lib.mkOption {
-        type = lib.types.str;
-        description = "OIDC endpoint for SSO.";
+      authEndpoint = lib.mkOption {
+        type = lib.types.nullOr lib.types.str;
+        description = "Auth endpoint for SSO.";
+        default = null;
         example = "https://authelia.example.com";
       };
 
@@ -142,16 +143,16 @@ in
               # proxy_set_header Cookie $new_cookie;
 
               auth_request_set $redirect $scheme://$http_host$request_uri;
-              error_page 401 =302 ${c.oidcEndpoint}?rd=$redirect;
-              error_page 403 = ${c.oidcEndpoint}/error/403;
+              error_page 401 =302 ${c.authEndpoint}?rd=$redirect;
+              error_page 403 = ${c.authEndpoint}/error/403;
 
               proxy_pass ${c.upstream};
             '';
 
             # Virtual endpoint created by nginx to forward auth requests.
             locations."/authelia".extraConfig = ''
               internal;
-              proxy_pass ${c.oidcEndpoint}/api/verify;
+              proxy_pass ${c.authEndpoint}/api/verify;
 
               proxy_set_header X-Forwarded-Host $host;
               proxy_set_header X-Original-URI $request_uri;

diff --git a/modules/services/arr.nix b/modules/services/arr.nix
@@ -152,7 +152,7 @@ let
           default = "/var/lib/${name}";
         };
 
-        oidcEndpoint = lib.mkOption {
+        authEndpoint = lib.mkOption {
           type = lib.types.nullOr lib.types.str;
           default = null;
           description = "Endpoint to the SSO provider. Leave null to not have SSO configured.";
@@ -297,8 +297,8 @@ config.xml" templatedSettings) "${config.services.radarr.dataDir}/config.xml" (
             let
               c = cfg.${name};
             in
-              lib.mkIf (c.oidcEndpoint != null) {
-                inherit (c) subdomain domain oidcEndpoint;
+              lib.mkIf (c.authEndpoint != null) {
+                inherit (c) subdomain domain authEndpoint;
                 upstream = "http://127.0.0.1:${toString c.port}";
                 autheliaRules = [
                   {

diff --git a/modules/services/deluge.nix b/modules/services/deluge.nix
@@ -57,7 +57,7 @@ in
       example = "/srv/torrents";
     };
 
-    oidcEndpoint = lib.mkOption {
+    authEndpoint = lib.mkOption {
       type = lib.types.str;
       description = "OIDC endpoint for SSO";
       example = "https://authelia.example.com";
@@ -172,7 +172,7 @@ in
 
     shb.nginx.autheliaProtect = [
       {
-        inherit (cfg) subdomain domain oidcEndpoint;
+        inherit (cfg) subdomain domain authEndpoint;
         upstream = "http://127.0.0.1:${toString config.services.deluge.web.port}";
         autheliaRules = [{
           domain = fqdn;

diff --git a/modules/services/hledger.nix b/modules/services/hledger.nix
@@ -34,7 +34,7 @@ in
       example = "192.168.1.1/24";
     };
 
-    oidcEndpoint = lib.mkOption {
+    authEndpoint = lib.mkOption {
       type = lib.types.str;
       description = "OIDC endpoint for SSO";
       example = "https://authelia.example.com";
@@ -74,7 +74,7 @@ in
 
     shb.nginx.autheliaProtect = [
       {
-        inherit (cfg) subdomain domain oidcEndpoint;
+        inherit (cfg) subdomain domain authEndpoint;
         upstream = "http://${toString config.services.hledger-web.host}:${toString config.services.hledger-web.port}";
         autheliaRules = [{
           domain = fqdn;

diff --git a/modules/services/jellyfin.nix b/modules/services/jellyfin.nix
@@ -57,7 +57,7 @@ in
       default = "Authelia";
     };
 
-    oidcEndpoint = lib.mkOption {
+    authEndpoint = lib.mkOption {
       type = lib.types.str;
       description = "OIDC endpoint for SSO";
       example = "https://authelia.example.com";
@@ -287,7 +287,7 @@ in
                 </key>
                 <value>
                   <PluginConfiguration>
-                    <OidEndpoint>${cfg.oidcEndpoint}</OidEndpoint>
+                    <OidEndpoint>${cfg.authEndpoint}</OidEndpoint>
                     <OidClientId>${cfg.oidcClientID}</OidClientId>
                     <OidSecret>%SSO_SECRET%</OidSecret>
                     <Enabled>true</Enabled>
@@ -324,7 +324,7 @@ in
               &lt;a href="https://${cfg.subdomain}.${cfg.domain}/SSOViews/linking" class="raised cancel block emby-button authentik-sso"&gt;
                 Link ${cfg.oidcProvider} config&amp;nbsp;
               &lt;/a&gt;
-              &lt;a href="${cfg.oidcEndpoint}" class="raised cancel block emby-button authentik-sso"&gt;
+              &lt;a href="${cfg.authEndpoint}" class="raised cancel block emby-button authentik-sso"&gt;
                 ${cfg.oidcProvider} config&amp;nbsp;
               &lt;/a&gt;
             </LoginDisclaimer>

diff --git a/modules/services/vaultwarden.nix b/modules/services/vaultwarden.nix
@@ -45,7 +45,7 @@ in
       example = "ldap.example.com";
     };
 
-    oidcEndpoint = lib.mkOption {
+    authEndpoint = lib.mkOption {
       type = lib.types.str;
       description = "OIDC endpoint for SSO";
       example = "https://authelia.example.com";
@@ -162,7 +162,7 @@ in
 
     shb.nginx.autheliaProtect = [
       {
-        inherit (cfg) subdomain domain oidcEndpoint;
+        inherit (cfg) subdomain domain authEndpoint;
         upstream = "http://127.0.0.1:${toString config.services.vaultwarden.config.ROCKET_PORT}";
         autheliaRules = [
           {

diff --git a/test/modules/arr.nix b/test/modules/arr.nix
@@ -84,7 +84,7 @@ in
             }
           ];
           domain = "example.com";
-          oidcEndpoint = "https://oidc.example.com";
+          authEndpoint = "https://oidc.example.com";
           subdomain = "radarr";
           upstream = "http://127.0.0.1:7001";
         }
@@ -111,7 +111,7 @@ in
         subdomain = "radarr";
         domain = "example.com";
         enable = true;
-        oidcEndpoint = "https://oidc.example.com";
+        authEndpoint = "https://oidc.example.com";
         settings = {
           APIKeyFile = "/run/radarr/apikey";
         };
@@ -158,7 +158,7 @@ in
             }
           ];
           domain = "example.com";
-          oidcEndpoint = "https://oidc.example.com";
+          authEndpoint = "https://oidc.example.com";
           subdomain = "radarr";
           upstream = "http://127.0.0.1:7001";
         }
@@ -185,7 +185,7 @@ in
         subdomain = "radarr";
         domain = "example.com";
         enable = true;
-        oidcEndpoint = "https://oidc.example.com";
+        authEndpoint = "https://oidc.example.com";
         settings = {
           APIKeyFile = "/run/radarr/apikey";
         };