back round 1 view raw

feat(kavita): wait for OIDC to start #106

merged
opened by a.starrysky.fyi targeting main from private/minion/push-wznllvxvuqmz

Previously we were running in to a race condition where OIDC wouldn't start early enough, so kavita would load without it. As we have turned off passwords entirely, this would cause the instance to be unusable

I've copied this wait code directly from our oauth2-proxy stuff, which has the same problem. We should consider if there's a better way to do this...

options
unified split
Changed files
+2
packetmix
systems
teal
kavita.nix
+2
packetmix/systems/teal/kavita.nix
··· 39 ${pkgs.replace-secret}/bin/replace-secret '@OIDC_SECRET@' \ 40 ''${CREDENTIALS_DIRECTORY}/OIDC_SECRET \ 41 '${config.services.kavita.dataDir}/config/appsettings.json' 42 ''; 43 serviceConfig.LoadCredential = [ "OIDC_SECRET:/secrets/kavita/OIDC_SECRET" ]; 44 };
··· 39 ${pkgs.replace-secret}/bin/replace-secret '@OIDC_SECRET@' \ 40 ''${CREDENTIALS_DIRECTORY}/OIDC_SECRET \ 41 '${config.services.kavita.dataDir}/config/appsettings.json' 42 + 43 + while [[ \"$(${pkgs.curl}/bin/curl -s -L https://idm.freshly.space/status)\" != \"true\" ]]; do sleep 5; done 44 ''; 45 serviceConfig.LoadCredential = [ "OIDC_SECRET:/secrets/kavita/OIDC_SECRET" ]; 46 };