Merge pull request #303224 from 0z13/oauth2_proxy-add-issuer-url

nixos/oauth2_proxy: add oidc-issuer-url flag
author: Sandro <sandro.jaeckel@gmail.com> 2024-04-21 19:49:59 +0200
committer: GitHub <noreply@github.com> 2024-04-21 19:49:59 +0200
commit: a3739c256323c3c0576fac505f5792dbab8435e0 (patch)
tree: d5b4d4410395791b4dfbbf9d2e7b3ac48fb66284 /nixos/modules
parent: dc8b10645a87e314d8cb78a03ac377631aa972e8 (diff)
parent: 87bbc5fbbed9265649c90c2567cc9df6df5266bc (diff)
1 files changed, 10 insertions, 0 deletions
diff --git a/nixos/modules/services/security/oauth2_proxy.nix b/nixos/modules/services/security/oauth2_proxy.nix
index abf1ce9ba0200..d2992a196bf87 100644
--- a/nixos/modules/services/security/oauth2_proxy.nix
+++ b/nixos/modules/services/security/oauth2_proxy.nix
@@ -47,6 +47,7 @@ let
     reverse-proxy = reverseProxy;
     proxy-prefix = proxyPrefix;
     profile-url = profileURL;
+    oidc-issuer-url = oidcIssuerUrl;
     redeem-url = redeemURL;
     redirect-url = redirectURL;
     request-logging = requestLogging;
@@ -131,6 +132,15 @@ in
       example = "123456.apps.googleusercontent.com";
     };
 
+    oidcIssuerUrl = mkOption {
+      type = types.nullOr types.str;
+      default = null;
+      description = ''
+        The OAuth issuer URL.
+      '';
+      example = "https://login.microsoftonline.com/{TENANT_ID}/v2.0";
+    };
+
     clientSecret = mkOption {
       type = types.nullOr types.str;
       description = ''
author	Sandro <sandro.jaeckel@gmail.com>	2024-04-21 19:49:59 +0200
committer	GitHub <noreply@github.com>	2024-04-21 19:49:59 +0200
commit	a3739c256323c3c0576fac505f5792dbab8435e0 (patch)
tree	d5b4d4410395791b4dfbbf9d2e7b3ac48fb66284 /nixos/modules
parent	dc8b10645a87e314d8cb78a03ac377631aa972e8 (diff)
parent	87bbc5fbbed9265649c90c2567cc9df6df5266bc (diff)