nix-config/hosts/alexandria
William 258bcac597 Integrate Kanidm with Nextcloud via OIDC
Added Kanidm identity provider integration with Nextcloud:
- Enabled Kanidm client in kanidm.nix for CLI access
- Added user_oidc app to Nextcloud for OpenID Connect authentication
- Configured allow_local_remote_servers to permit Nextcloud to reach
  Kanidm at auth.baduhai.dev (resolves to local IP 192.168.15.142)

OAuth2 client configuration (done via kanidm CLI):
- Client ID: nextcloud
- Scopes: openid, email, profile mapped to idm_all_accounts group
- Redirect URI: https://cloud.baduhai.dev/apps/user_oidc/code
- User mapping: name claim maps to Nextcloud username

This allows users to authenticate to Nextcloud using their Kanidm
credentials, with existing Nextcloud accounts linked via username.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-08 23:56:40 -03:00
| File | Last commit | Date |
| --- | --- | --- |
| hardware-configuration.nix | now using flake-parts; refactored nixosConfigurations; using hm standalone | 2025-10-14 19:28:30 -03:00 |
| jellyfin.nix | Switch from wildcard to per-domain SSL certificates | 2025-11-08 21:47:41 -03:00 |
| kanidm.nix | Integrate Kanidm with Nextcloud via OIDC | 2025-11-08 23:56:40 -03:00 |
| nextcloud.nix | Integrate Kanidm with Nextcloud via OIDC | 2025-11-08 23:56:40 -03:00 |
| nginx.nix | Switch ACME to DNS-01 challenge with auto-configured certificates | 2025-11-08 22:53:18 -03:00 |
| unbound.nix | Split DNS servers: alexandria for LAN, trantor for tailnet | 2025-11-08 21:35:53 -03:00 |
| vaultwarden.nix | Switch from wildcard to per-domain SSL certificates | 2025-11-08 21:47:41 -03:00 |