Make oauth2_proxy wait for keycloak
Oauth2_proxy needs its oidc provider to be running so it can connect,
however keycloak isn't actually ready the moment systemd believes it
has started. This means we need to start only when keycloak is returning
a HTTP 200
This copies a similar format to the matrix config.
Change-Id: I0e35315f5abaf5e0a3de294342d9654bb558d47e
Reviewed-on: https://git.clicks.codes/c/Clicks/NixFiles/+/241
Tested-by: Skyler Grey <minion@clicks.codes>
Reviewed-by: Skyler Grey <minion@clicks.codes>
diff --git a/modules/common/oauth2_proxy.nix b/modules/common/oauth2_proxy.nix
index 17d9cd0..2c760d2 100644
--- a/modules/common/oauth2_proxy.nix
+++ b/modules/common/oauth2_proxy.nix
@@ -1,4 +1,4 @@
-{config, ...}: {
+{pkgs, config, ...}: {
sops.secrets.OAUTH2_PROXY_CLIENT_SECRET = {
mode = "0400";
@@ -41,4 +41,7 @@
enable = true;
user = "oauth2_proxy";
};
+
+ systemd.services.oauth2_proxy.preStart = "while [[ \"$(${pkgs.curl}/bin/curl -s -o /dev/null -w ''%{http_code}'' https://login.clicks.codes)\" != \"200\" ]]; do sleep 5; done";
+
}