From 0930056698e47c5dda75bce0a6d7ef306c7497df Mon Sep 17 00:00:00 2001 From: Ellis Rahhal Date: Mon, 3 Feb 2025 23:41:59 -0800 Subject: [PATCH] updated headscale config --- configuration.nix | 4 +--- secrets-unencrypted/headplane.yaml | 9 +++++++++ 2 files changed, 10 insertions(+), 3 deletions(-) create mode 100644 secrets-unencrypted/headplane.yaml diff --git a/configuration.nix b/configuration.nix index 3a0ccf1..d3ef5ce 100644 --- a/configuration.nix +++ b/configuration.nix @@ -131,12 +131,10 @@ enable = true; secrets = { tailscale-key = config.sops.secrets."tailscale/key".path; + headplane-env = config.sops.secrets."headplane/env".path; }; }; - headscale-ui = { - enable = true; - }; jellyfin = { enable = true; diff --git a/secrets-unencrypted/headplane.yaml b/secrets-unencrypted/headplane.yaml new file mode 100644 index 0000000..c2b59ea --- /dev/null +++ b/secrets-unencrypted/headplane.yaml @@ -0,0 +1,9 @@ +headplane: + env: |- + # This is always required for Headplane to work + COOKIE_SECRET= + # This NEEDS to be set with OIDC, regardless of what's in the config + # This needs to be a very long-lived (999 day) API key used to create + # shorter ones for OIDC and allow the OIDC functionality to work + ROOT_API_KEY= + # OIDC_CLIENT_SECRET=super_secret_client_secret