outline: Remove dex

Now that SMTP is working, Dex does not serve a good purpose any longer. It might be somehting I'll think of in future, but the complexity of credential management for little benefit is something I'm not up for right now.
2023-06-10 13:57:16 +05:30 · 2023-06-10 13:57:16 +05:30 · 455259f5a2
commit 455259f5a2
parent 330607b315
1 changed files with 0 additions and 70 deletions
--- a/modules/outline.nix
+++ b/modules/outline.nix
@ -2,21 +2,11 @@
 {
  # Open paperless port, but only for local network
  networking.firewall.extraCommands = ''
-    iptables -A nixos-fw -p tcp --source 192.168.0.0/24 --dport 28981:28981 -j nixos-fw-accept
    iptables -A nixos-fw -p tcp --source 192.168.0.0/24 --dport 3000:3000 -j nixos-fw-accept
    iptables -A nixos-fw -p tcp --source 192.168.0.0/24 --dport 9909:9909 -j nixos-fw-accept
    iptables -A nixos-fw -p tcp --source 192.168.0.0/24 --dport 9910:9910 -j nixos-fw-accept
-    iptables -A nixos-fw -p tcp --source 192.168.0.0/24 --dport 5556:5556 -j nixos-fw-accept
  '';

-  systemd.services = {
-    dex.serviceConfig.StateDirectory = "dex";
-  };
-
-  systemd.tmpfiles.rules = [
-    "f /run/agenix/outline_gmail 0600 outline users -"
-  ];
-
  services = {
    minio = {
      enable = true;
@ -27,39 +17,6 @@
      rootCredentialsFile = "/run/agenix/minio";
    };

-    dex = {
-      enable = true;
-      settings = {
-        issuer = "https://dex.bhankas.org";
-        storage = {
-          type = "sqlite3";
-          config.file = "/var/lib/dex/db.sqlite3";
-        };
-        web.http = "127.0.0.1:5556";
-        staticClients = [
-          {
-            id = "outline";
-            name = "Outline Client";
-            redirectURIs = [
-              "https://outline.bhankas.org/auth/oidc.callback"
-            ];
-            secretFile = "${pkgs.writeText "outline-oidc-secret" "test123"}";
-          }
-        ];
-        connectors = [
-          {
-            type = "mockPassword";
-            id = "mock";
-            name = "example";
-            config = {
-              username = "bruce";
-              password = "wayne";
-            };
-          }
-        ];
-      };
-    };
-
    outline = {
      enable = true;
      port = 3000;
@ -91,16 +48,6 @@
        port = 465;
        passwordFile = "/run/agenix/gandalf_mail";
      };
-      oidcAuthentication = {
-        authUrl = "https://dex.bhankas.org/auth";
-        tokenUrl = "https://dex.bhankas.org/token";
-        userinfoUrl = "https://dex.bhankas.org/userinfo";
-        clientId = "outline";
-        clientSecretFile = (builtins.elemAt config.services.dex.settings.staticClients 0).secretFile;
-        scopes = [ "openid" "email" "profile" ];
-        usernameClaim = "preferred_username";
-        displayName = "Dex";
-      };
    };

    nginx = {
@ -129,18 +76,6 @@
            ;
          };
        };
-
-        "dex.bhankas.org" = {
-          addSSL = true;
-          enableACME = true;
-          locations."/" = {
-            proxyPass = "http://127.0.0.1:5556";
-            proxyWebsockets = false;
-            extraConfig =
-              "proxy_set_header Host $host;"
-            ;
-          };
-        };
      };
    };
  };
@ -157,11 +92,6 @@
        email = "admin@bhankas.org";
        dnsResolver = "1.1.1.1:53";
      };
-
-      "dex.bhankas.org" = {
-        email = "admin@bhankas.org";
-        dnsResolver = "1.1.1.1:53";
-      };
    };
  };
 }