norish
Example
{config, ...}: {
norish = {
enable = true;
masterKeyFile = config.sops.secrets."norish/master_key".path;
db.passwordFile = config.sops.secrets."norish/db_password".path;
oidc = {
enable = true;
clientSecretFile = config.sops.secrets."norish/authelia/client_secret".path;
clientSecretHash = "$pbkdf2-sha512$...";
};
};
}Stack Options
nps.stacks.norish.containers.norish
Alias of {option}services.podman.containers.norish.
nps.stacks.norish.containers.norish-browser
Alias of {option}services.podman.containers.norish-browser.
nps.stacks.norish.db.passwordFile
Path to the file containing the database password
nps.stacks.norish.db.username
Database user name
nps.stacks.norish.enable
Whether to enable norish.
nps.stacks.norish.masterKeyFile
Path to the file containing the master encryption key. Can be generated with openssl rand -base64 32.
See https://github.com/norish-recipes/norish?tab=readme-ov-file#required-variables
nps.stacks.norish.oidc.clientSecretFile
The file containing the client secret for the OIDC client that will be registered in Authelia.
nps.stacks.norish.oidc.clientSecretHash
The hashed client_secret. Will be set in the Authelia client config. For examples on how to generate a client secret, see
https://www.authelia.com/integration/openid-connect/frequently-asked-questions/#client-secret
nps.stacks.norish.oidc.enable
Whether to enable OIDC login with Authelia. This will register an OIDC client in Authelia and setup the necessary configuration.
For details, see:
nps.stacks.norish.oidc.userGroup
Users of this group will be able to log in