From c6e471febf9e2165b00af374fd34d2d748b0c52a Mon Sep 17 00:00:00 2001
From: Dominik Polakovics
Date: Fri, 18 Aug 2023 20:15:41 +0200
Subject: [PATCH] add nextcloud oidc
---
 todos.md | 1 +
 utils/modules/authelia/default.nix | 17 ++++++++++++++++-
 utils/modules/nextcloud/default.nix | 6 +++++-
 3 files changed, 22 insertions(+), 2 deletions(-)
 create mode 100644 todos.md
diff --git a/todos.md b/todos.md
new file mode 100644
index 0000000..89fd01c
--- /dev/null
+++ b/todos.md
@@ -0,0 +1 @@
+move modules for hosts into respecting hosts directory so not every host gets rebuilded when one module changes
diff --git a/utils/modules/authelia/default.nix b/utils/modules/authelia/default.nix
index 39720e4..f396c14 100644
--- a/utils/modules/authelia/default.nix
+++ b/utils/modules/authelia/default.nix
@@ -156,7 +156,22 @@
 ];
 userinfo_signing_algorithm = "none";
 }
- ];
+ {
+ id = "nextcloud";
+ description = "Nextcloud";
+ secret = "$pbkdf2-sha512$310000$UqX35Fh.7uTZLQqD.mk5wg$e139D4g9SGUFc.ZdKt3RAZljC8A7C9nixUQd7rQoHFMKop643SuwfazjNn0ehdyAjydM2zV.KzKnMLgSajo.xw";
+ public = false;
+ authorization_policy = "one_factor";
+ redirect_uris = [ "https://nextcloud.cloonar.com/apps/oidc_login/oidc" ];
+ pre_configured_consent_duration = "1y";
+ scopes = [
+ "openid"
+ "profile"
+ "email"
+ ];
+ userinfo_signing_algorithm = "none";
+ }
+ ];
 };
 };
 };
diff --git a/utils/modules/nextcloud/default.nix b/utils/modules/nextcloud/default.nix
index 892ee07..1081fe6 100644
--- a/utils/modules/nextcloud/default.nix
+++ b/utils/modules/nextcloud/default.nix
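Review bot: In utils/modules/authelia/default.nix the new `nextcloud` client pairs `authorization_policy = "one_factor"` with `pre_configured_consent_duration = "1y"`, so a password alone is enough to obtain a Nextcloud session and consent is not asked again for a year. For a client that fronts file storage I would use `authorization_policy = "two_factor";` and shorten or drop the pre-configured consent unless there is a documented reason to keep it. The `secret` is a PBKDF2-SHA512 digest rather than plaintext, which is the right form, but it is readable in the repository and the Nix store, so its strength rests on the plaintext being randomly generated; a comment such as `# PBKDF2 digest of a randomly generated client secret; never commit the plaintext` would record that. The clients list this entry is appended to begins outside the hunk.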
@@ -13,7 +13,11 @@ # Instead of using pkgs.nextcloud27Packages.apps, # we'll reference the package version specified above extraApps = with config.services.nextcloud.package.packages.apps; { - inherit contacts calendar tasks; + inherit contacts calendar tasks deck; + oidc_login = pkgs.fetchNextcloudApp rec { + url = "https://github.com/pulsejet/nextcloud-oidc-login/releases/download/v2.6.0/oidc_login.tar.gz"; + sha256 = "sha256-MZ/Pgqrb8Y9aH1vd3BfuPhfLOmYyZQO2xVasdj+rCo4="; + }; }; extraAppsEnable = true;
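Review bot: The `oidc_login` fetch keeps the app version only inside the `url` string next to a fixed `sha256`, and nothing on those lines says the two must change together; with a fixed-output fetch, editing `v2.6.0` in the URL while leaving the hash may reuse the tarball already in the store, so the old app would keep running unnoticed. I would add a comment above it such as `# oidc_login 2.6.0 from the upstream release; update url and sha256 together` and drop the `rec`, which nothing in the attribute set uses. The app's provider settings and client secret are not visible in this hunk; if they are set through plain Nix options the plaintext secret would land in the world-readable store, so it is worth confirming they come from a file outside it (for example via `services.nextcloud.secretFile`). The enclosing attribute set starts and ends outside the hunk.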