19 lines
460 B
Nix
19 lines
460 B
Nix
{ ... }:
|
|
|
|
{
|
|
resource.vault_jwt_auth_backend.oidc = {
|
|
default_role = "user";
|
|
namespace_in_state = true;
|
|
|
|
oidc_discovery_url = "https://accounts.google.com";
|
|
oidc_client_id = "620300851636-6ha1a7t9r4gatrn9gdqa82toem3cbq3b.apps.googleusercontent.com";
|
|
# oidc_client_secret in secrets.nix
|
|
};
|
|
|
|
my.authBackend.oidc = {
|
|
resourceType = "vault_jwt_auth_backend";
|
|
|
|
tune.default_lease_ttl = "24h";
|
|
tune.max_lease_ttl = "24h";
|
|
};
|
|
}
|