2023-07-25 23:33:37 +08:00
|
|
|
inputs:
|
|
|
|
{
|
2023-09-01 21:05:26 +08:00
|
|
|
imports = inputs.localLib.mkModules
|
|
|
|
[
|
|
|
|
./postgresql.nix
|
|
|
|
./redis.nix
|
|
|
|
./rsshub.nix
|
|
|
|
./misskey.nix
|
2023-10-03 20:11:43 +08:00
|
|
|
./nginx
|
2023-09-01 21:05:26 +08:00
|
|
|
./meilisearch.nix
|
|
|
|
./xray.nix
|
|
|
|
./coturn.nix
|
|
|
|
./synapse.nix
|
2023-09-02 16:30:21 +08:00
|
|
|
./phpfpm.nix
|
2023-09-05 17:17:43 +08:00
|
|
|
./xrdp.nix
|
2023-09-12 22:43:38 +08:00
|
|
|
./groupshare.nix
|
2023-09-13 21:13:13 +08:00
|
|
|
./acme.nix
|
2023-09-13 23:52:49 +08:00
|
|
|
./samba.nix
|
2023-09-14 18:34:27 +08:00
|
|
|
./sshd.nix
|
2023-09-16 15:34:27 +08:00
|
|
|
./vaultwarden.nix
|
2023-09-16 15:59:00 +08:00
|
|
|
./frp.nix
|
2023-09-28 23:35:25 +08:00
|
|
|
./beesd.nix
|
2023-10-01 16:24:40 +08:00
|
|
|
./snapper.nix
|
2023-10-04 10:13:56 +08:00
|
|
|
./mariadb.nix
|
2023-10-04 11:06:37 +08:00
|
|
|
./photoprism.nix
|
2023-10-04 15:40:28 +08:00
|
|
|
./nextcloud.nix
|
2023-11-06 18:29:46 +08:00
|
|
|
./freshrss.nix
|
2023-11-09 22:19:37 +08:00
|
|
|
./kmscon.nix
|
|
|
|
./fontconfig.nix
|
|
|
|
./nix-serve.nix
|
2023-11-10 23:34:36 +08:00
|
|
|
./send.nix
|
2023-11-12 16:56:58 +08:00
|
|
|
./huginn.nix
|
2023-11-12 17:29:40 +08:00
|
|
|
./httpua
|
2023-11-15 13:01:37 +08:00
|
|
|
./fz-new-order
|
2023-11-16 13:18:21 +08:00
|
|
|
./httpapi.nix
|
2023-11-16 13:58:59 +08:00
|
|
|
./mirism.nix
|
2023-11-19 20:47:52 +08:00
|
|
|
./mastodon.nix
|
2023-11-20 20:15:53 +08:00
|
|
|
./gitlab.nix
|
2023-11-21 00:03:23 +08:00
|
|
|
./grafana.nix
|
2023-11-21 20:44:31 +08:00
|
|
|
./fail2ban.nix
|
2023-09-01 21:05:26 +08:00
|
|
|
];
|
|
|
|
options.nixos.services = let inherit (inputs.lib) mkOption types; in
|
|
|
|
{
|
|
|
|
firewall.trustedInterfaces = mkOption { type = types.listOf types.nonEmptyStr; default = []; };
|
|
|
|
smartd.enable = mkOption { type = types.bool; default = false; };
|
|
|
|
wallabag.enable = mkOption { type = types.bool; default = false; };
|
2023-10-30 19:13:15 +08:00
|
|
|
noisetorch.enable = mkOption { type = types.bool; default = inputs.config.nixos.system.gui.preferred; };
|
2023-09-01 21:05:26 +08:00
|
|
|
};
|
|
|
|
config =
|
|
|
|
let
|
|
|
|
inherit (inputs.lib) mkMerge mkIf;
|
|
|
|
inherit (inputs.localLib) stripeTabs attrsToList;
|
|
|
|
inherit (inputs.config.nixos) services;
|
|
|
|
inherit (builtins) map listToAttrs toString;
|
|
|
|
in mkMerge
|
|
|
|
[
|
|
|
|
{ networking.firewall.trustedInterfaces = services.firewall.trustedInterfaces; }
|
|
|
|
(mkIf services.smartd.enable { services.smartd.enable = true; })
|
|
|
|
(
|
|
|
|
mkIf services.wallabag.enable
|
|
|
|
{
|
|
|
|
virtualisation.oci-containers.containers.wallabag =
|
|
|
|
{
|
|
|
|
image = "wallabag/wallabag:2.6.2";
|
|
|
|
imageFile = inputs.pkgs.dockerTools.pullImage
|
|
|
|
{
|
|
|
|
imageName = "wallabag/wallabag";
|
|
|
|
imageDigest = "sha256:241e5c71f674ee3f383f428e8a10525cbd226d04af58a40ce9363ed47e0f1de9";
|
|
|
|
sha256 = "0zflrhgg502w3np7kqmxij8v44y491ar2qbk7qw981fysia5ix09";
|
|
|
|
finalImageName = "wallabag/wallabag";
|
|
|
|
finalImageTag = "2.6.2";
|
|
|
|
};
|
|
|
|
ports = [ "127.0.0.1:4398:80/tcp" ];
|
|
|
|
extraOptions = [ "--add-host=host.docker.internal:host-gateway" ];
|
|
|
|
environmentFiles = [ inputs.config.sops.templates."wallabag/env".path ];
|
|
|
|
};
|
|
|
|
sops =
|
|
|
|
{
|
|
|
|
templates."wallabag/env".content =
|
|
|
|
let
|
|
|
|
placeholder = inputs.config.sops.placeholder;
|
|
|
|
in
|
|
|
|
''
|
|
|
|
SYMFONY__ENV__DATABASE_DRIVER=pdo_pgsql
|
|
|
|
SYMFONY__ENV__DATABASE_HOST=host.docker.internal
|
|
|
|
SYMFONY__ENV__DATABASE_PORT=5432
|
|
|
|
SYMFONY__ENV__DATABASE_NAME=wallabag
|
|
|
|
SYMFONY__ENV__DATABASE_USER=wallabag
|
|
|
|
SYMFONY__ENV__DATABASE_PASSWORD=${placeholder."postgresql/wallabag"}
|
|
|
|
SYMFONY__ENV__REDIS_HOST=host.docker.internal
|
|
|
|
SYMFONY__ENV__REDIS_PORT=8790
|
|
|
|
SYMFONY__ENV__REDIS_PASSWORD=${placeholder."redis/wallabag"}
|
|
|
|
SYMFONY__ENV__SERVER_NAME=wallabag.chn.moe
|
|
|
|
SYMFONY__ENV__DOMAIN_NAME=https://wallabag.chn.moe
|
|
|
|
SYMFONY__ENV__TWOFACTOR_AUTH=false
|
|
|
|
'';
|
|
|
|
# SYMFONY__ENV__MAILER_DSN=smtp://bot%%40chn.moe@${placeholder."mail/bot-encoded"}:mail.chn.moe
|
|
|
|
# SYMFONY__ENV__FROM_EMAIL=bot@chn.moe
|
|
|
|
# SYMFONY__ENV__TWOFACTOR_SENDER=bot@chn.moe
|
2023-11-09 22:19:37 +08:00
|
|
|
secrets."mail/bot-encoded" = {};
|
2023-09-01 21:05:26 +08:00
|
|
|
};
|
|
|
|
nixos =
|
|
|
|
{
|
|
|
|
services =
|
|
|
|
{
|
|
|
|
nginx =
|
|
|
|
{
|
|
|
|
enable = true;
|
2023-11-09 22:19:37 +08:00
|
|
|
https."wallabag.chn.moe".location."/".proxy.upstream = "http://127.0.0.1:4398";
|
2023-09-01 21:05:26 +08:00
|
|
|
};
|
2023-11-09 22:19:37 +08:00
|
|
|
postgresql = { enable = true; instances.wallabag = {}; };
|
2023-11-10 12:39:55 +08:00
|
|
|
redis.instances.wallabag = { user = "root"; port = 8790; };
|
2023-09-01 21:05:26 +08:00
|
|
|
};
|
|
|
|
virtualization.docker.enable = true;
|
|
|
|
};
|
|
|
|
}
|
|
|
|
)
|
2023-10-30 19:13:15 +08:00
|
|
|
(mkIf services.noisetorch.enable { programs.noisetorch.enable = true; })
|
2023-09-01 21:05:26 +08:00
|
|
|
];
|
2023-07-25 23:33:37 +08:00
|
|
|
}
|