diff --git a/nixos/server/gallery.nix b/nixos/server/gallery.nix index 5c38cc5c4c594a8853c6e09065d9004b5d58822f..5d01f41168a12cf8ef10aff61dea1aa9eaaaeefe 100644 --- a/nixos/server/gallery.nix +++ b/nixos/server/gallery.nix @@ -25,10 +25,23 @@ PHOTOPRISM_DATABASE_SERVER = "/run/mysqld/mysqld.sock"; PHOTOPRISM_DATABASE_NAME = "photoprism"; PHOTOPRISM_DATABASE_USER = "photoprism"; + + PHOTOPRISM_LOG_LEVEL = "debug"; + + PHOTOPRISM_OIDC_URI = "https://auth.eisfunke.com/application/o/eisfunkegallery/"; + PHOTOPRISM_OIDC_CLIENT = "bgZd35W6isBUnkDnLIqDA1HGlVbjNdauxfAZvxvE"; + #PHOTOPRISM_OIDC_SECRET is set in environmentfile + #PHOTOPRISM_OIDC_SCOPES = ""; + PHOTOPRISM_OIDC_PROVIDER = "EisfunkeAuth"; + #PHOTOPRISM_OIDC_ICON = ""; + #PHOTOPRISM_OIDC_REDIRECT = ""; TODO activate + PHOTOPRISM_OIDC_REGISTER = "true"; # TODO don't forget to set permissions in authentik! + #PHOTOPRISM_OIDC_USERNAME = ""; + #PHOTOPRISM_OIDC_WEBDAV = ""; }; }; - # sponsor features are enabled here + # sponsor features and OIDC secret systemd.services.photoprism.serviceConfig.EnvironmentFile = config.age.secrets.server_gallery.path; # sadly PhotoPrism doesn't support PostgreSQL diff --git a/res/secrets/server/gallery.age b/res/secrets/server/gallery.age index 6485d5b657e6f7905cdcf020dac874cb987ab9f5..0121a0b6194f7cdab294906fdf3690f33552861a 100644 Binary files a/res/secrets/server/gallery.age and b/res/secrets/server/gallery.age differ