tamipes/authentik-nix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

module: use TZ environment variable to set UTC timezone instead of overriding system zone

Browse source
This commit is contained in:
Quentin Smith 2024-02-15 19:32:06 -05:00 committed by WilliButz
parent d2a70db150
commit c178d820d7
No known key found for this signature in database
GPG key ID: AB05DF703EB9DC70
1 changed files with 6 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

9
module.nix
View file

@ -142,6 +142,9 @@ in
(mkIf config.services.authentik.enable (let (mkIf config.services.authentik.enable (let
cfg = config.services.authentik; cfg = config.services.authentik;
# https://goauthentik.io/docs/installation/docker-compose#startup
tz = "UTC";
# Passed to each service and to the `ak` wrapper using `systemd-run(1)` # Passed to each service and to the `ak` wrapper using `systemd-run(1)`
serviceDefaults = { serviceDefaults = {
DynamicUser = true; DynamicUser = true;
@ -198,9 +201,6 @@ in
'') '')
]; ];
# https://goauthentik.io/docs/installation/docker-compose#explanation
time.timeZone = "UTC";
environment.etc."authentik/config.yml".source = settingsFormat.generate "authentik.yml" cfg.settings; environment.etc."authentik/config.yml".source = settingsFormat.generate "authentik.yml" cfg.settings;
systemd.services = { systemd.services = {
@ -211,6 +211,7 @@ in
after = [ "network-online.target" ] ++ lib.optionals cfg.createDatabase [ "postgresql.service" ]; after = [ "network-online.target" ] ++ lib.optionals cfg.createDatabase [ "postgresql.service" ];
before = [ "authentik.service" ]; before = [ "authentik.service" ];
restartTriggers = [ config.environment.etc."authentik/config.yml".source ]; restartTriggers = [ config.environment.etc."authentik/config.yml".source ];
environment.TZ = tz;
serviceConfig = mkMerge [ serviceDefaults { serviceConfig = mkMerge [ serviceDefaults {
Type = "oneshot"; Type = "oneshot";
RemainAfterExit = true; RemainAfterExit = true;
@ -233,6 +234,7 @@ in
preStart = '' preStart = ''
ln -svf ${config.services.authentik.authentikComponents.staticWorkdirDeps}/* /run/authentik/ ln -svf ${config.services.authentik.authentikComponents.staticWorkdirDeps}/* /run/authentik/
''; '';
environment.TZ = tz;
serviceConfig = mkMerge [ serviceDefaults { serviceConfig = mkMerge [ serviceDefaults {
RuntimeDirectory = "authentik"; RuntimeDirectory = "authentik";
WorkingDirectory = "%t/authentik"; WorkingDirectory = "%t/authentik";
@ -257,6 +259,7 @@ in
ln -svf ${cfg.authentikComponents.staticWorkdirDeps}/* /var/lib/authentik/ ln -svf ${cfg.authentikComponents.staticWorkdirDeps}/* /var/lib/authentik/
mkdir -p ${cfg.settings.paths.media} mkdir -p ${cfg.settings.paths.media}
''; '';
environment.TZ = tz;
serviceConfig = mkMerge [ serviceDefaults { serviceConfig = mkMerge [ serviceDefaults {
Environment = [ Environment = [
"AUTHENTIK_ERROR_REPORTING__ENABLED=false" "AUTHENTIK_ERROR_REPORTING__ENABLED=false"