<<<<<<< HEAD { config, pkgs ... }: let inherit (config.serverConfig) vhosts; inherit (config.networking) domain; in in { age.secrets.authentik_env = { file = ../secrets/authentik_env.age; # owner = "authentik"; # group = "authentik"; mode = "0600"; }; services.authentik = { # enable = true; # The environmentFile needs to be on the target host! # Best use something like sops-nix or agenix to manage it environmentFile = config.age.secrets.authentik_env.path; # authentikComponents = { # staticWorkdirDeps = pkgs.authentikComponents.staticWorkdirDeps; # }; settings = { email = rec { host = vhosts.mail_host.host; port = 465; username = "admin@${domain}"; use_tls = true; use_ssl = true; from = username; }; disable_startup_analytics = true; avatars = "initials"; }; }; }