David Gillespie 7c1bdb2c54 feat: Complete Keycloak OIDC integration for Headplane
- Added Keycloak service with PostgreSQL backend
- Configured OIDC for both Headscale and Headplane
- Added systemd service to auto-create /var/lib/headplane directory
- Updated Keycloak realm JSON with required client scopes (openid, profile, email)
- Generated and configured Headscale API key for Headplane OIDC
- Added production hardening: auto-restart, garbage collection, boot cleanup

The setup now supports:
- User login via Keycloak OIDC at https://auth.kennys.mom
- Headplane web UI with SSO at https://headplane.kennys.mom/admin
- Fallback API key authentication
- Automated secret generation and permissions management
2025-12-05 17:37:53 -07:00
backup-monitoring.nix feat: Complete Keycloak OIDC integration for Headplane 2025-12-05 17:37:53 -07:00
configuration.nix feat: Complete Keycloak OIDC integration for Headplane 2025-12-05 17:37:53 -07:00
flake.lock fix: Add auto-restart config and restore required Headplane settings 2025-12-05 16:00:17 -07:00
flake.nix feat: Complete Keycloak OIDC integration for Headplane 2025-12-05 17:37:53 -07:00
hardware-configuration.nix feat: Complete Headscale and Headplane setup with Nginx subdomain, ACL policy fix, and API mismatch patch 2025-12-02 00:22:58 -07:00
headscale.nix feat: Complete Keycloak OIDC integration for Headplane 2025-12-05 17:37:53 -07:00
keycloak-headscale-realm.json feat: Complete Keycloak OIDC integration for Headplane 2025-12-05 17:37:53 -07:00
keycloak.nix feat: Complete Keycloak OIDC integration for Headplane 2025-12-05 17:37:53 -07:00
oidc-secret.nix feat: Complete Keycloak OIDC integration for Headplane 2025-12-05 17:37:53 -07:00