mirror of
https://github.com/CHN-beta/nixos.git
synced 2024-10-23 05:39:05 +08:00
services.photoprism: init
This commit is contained in:
parent
2cbe5945b7
commit
990a5cf0be
@ -389,6 +389,7 @@
|
||||
vaultwarden.enable = true;
|
||||
meilisearch.ioLimitDevice = "/dev/mapper/root";
|
||||
beesd = { enable = false; instances.root = { device = "/"; hashTableSizeMB = 1024; }; };
|
||||
photoprism.enable = true;
|
||||
};
|
||||
};})
|
||||
];
|
||||
|
@ -22,6 +22,7 @@ inputs:
|
||||
./beesd.nix
|
||||
./snapper.nix
|
||||
./mariadb.nix
|
||||
./photoprism.nix
|
||||
];
|
||||
options.nixos.services = let inherit (inputs.lib) mkOption types; in
|
||||
{
|
||||
|
@ -27,6 +27,7 @@ inputs:
|
||||
mysql =
|
||||
{
|
||||
enable = true;
|
||||
package = inputs.pkgs.mariadb;
|
||||
ensureDatabases = map (db: db.value.database) (attrsToList mariadb.instances);
|
||||
ensureUsers = map (db: { name = db.value.user; }) (attrsToList mariadb.instances);
|
||||
};
|
||||
|
@ -6,5 +6,6 @@ inputs:
|
||||
./synapse.nix
|
||||
./vaultwarden.nix
|
||||
./element.nix
|
||||
./photoprism.nix
|
||||
];
|
||||
}
|
||||
|
45
modules/services/nginx/applications/photoprism.nix
Normal file
45
modules/services/nginx/applications/photoprism.nix
Normal file
@ -0,0 +1,45 @@
|
||||
inputs:
|
||||
{
|
||||
options.nixos.services.nginx.applications.photoprism.instances = let inherit (inputs.lib) mkOption types; in mkOption
|
||||
{
|
||||
type = types.attrsOf (types.submodule (submoduleInputs: { options =
|
||||
{
|
||||
hostname = mkOption { type = types.nonEmptyStr; default = submoduleInputs.config._module.args.name; };
|
||||
upstream = mkOption
|
||||
{
|
||||
type = types.oneOf [ types.nonEmptyStr (types.submodule { options =
|
||||
{
|
||||
address = mkOption { type = types.nonEmptyStr; default = "127.0.0.1"; };
|
||||
port = mkOption { type = types.ints.unsigned; default = 2342; };
|
||||
};})];
|
||||
default = "127.0.0.1:9726";
|
||||
};
|
||||
};}));
|
||||
default = {};
|
||||
};
|
||||
config =
|
||||
let
|
||||
inherit (inputs.config.nixos.services.nginx.applications.photoprism) instances;
|
||||
inherit (inputs.localLib) attrsToList;
|
||||
inherit (builtins) map listToAttrs toString;
|
||||
in
|
||||
{
|
||||
nixos.services.nginx.http = listToAttrs (map
|
||||
(proxy: with proxy.value;
|
||||
{
|
||||
name = hostname;
|
||||
value =
|
||||
{
|
||||
rewriteHttps = true;
|
||||
locations."/".proxy =
|
||||
{
|
||||
upstream = if builtins.typeOf upstream == "string" then "http://${upstream}"
|
||||
else "http://${upstream.address}:${toString upstream.port}";
|
||||
websocket = true;
|
||||
setHeaders.Host = hostname;
|
||||
};
|
||||
};
|
||||
})
|
||||
(attrsToList instances));
|
||||
};
|
||||
}
|
47
modules/services/photoprism.nix
Normal file
47
modules/services/photoprism.nix
Normal file
@ -0,0 +1,47 @@
|
||||
inputs:
|
||||
{
|
||||
options.nixos.services.photoprism = let inherit (inputs.lib) mkOption types; in
|
||||
{
|
||||
enable = mkOption { type = types.bool; default = false; };
|
||||
hostname = mkOption { type = types.str; default = "photoprism.chn.moe"; };
|
||||
port = mkOption { type = types.ints.unsigned; default = 2342; };
|
||||
};
|
||||
config =
|
||||
let
|
||||
inherit (inputs.lib) mkIf;
|
||||
inherit (inputs.config.nixos.services) photoprism;
|
||||
in mkIf photoprism.enable
|
||||
{
|
||||
services.photoprism =
|
||||
{
|
||||
enable = true;
|
||||
originalsPath = inputs.config.services.photoprism.storagePath + "/originals";
|
||||
settings =
|
||||
{
|
||||
PHOTOPRISM_SITE_URL = "https://${photoprism.hostname}";
|
||||
PHOTOPRISM_HTTP_PORT = "${toString photoprism.port}";
|
||||
PHOTOPRISM_DISABLE_TLS = "true";
|
||||
PHOTOPRISM_DETECT_NSFW = "true";
|
||||
PHOTOPRISM_UPLOAD_NSFW = "true";
|
||||
PHOTOPRISM_DATABASE_DRIVER = "mysql";
|
||||
PHOTOPRISM_DATABASE_SERVER = "127.0.0.1:3306";
|
||||
};
|
||||
};
|
||||
systemd.services.photoprism =
|
||||
{
|
||||
after = [ "mariadb.service" ];
|
||||
requires = [ "mariadb.service" ];
|
||||
serviceConfig.EnvironmentFile = inputs.config.sops.templates."photoprism/env".path;
|
||||
};
|
||||
sops =
|
||||
{
|
||||
templates."photoprism/env".content = let placeholder = inputs.config.sops.placeholder; in
|
||||
''
|
||||
PHOTOPRISM_ADMIN_PASSWORD=${placeholder."photoprism/adminPassword"}
|
||||
PHOTOPRISM_DATABASE_PASSWORD=${placeholder."mariadb/photoprism"}
|
||||
'';
|
||||
secrets."photoprism/adminPassword" = {};
|
||||
};
|
||||
nixos.services.mariadb = { enable = true; instances.photoprism = {}; };
|
||||
};
|
||||
}
|
@ -69,6 +69,11 @@ inputs:
|
||||
if inputs.config.nixos.virtualization.kvmHost.enable then
|
||||
[{ directory = "/var/lib/libvirt/images"; mode = "0711"; }]
|
||||
else []
|
||||
)
|
||||
++ (
|
||||
if inputs.config.nixos.services.mariadb.enable then let user = inputs.config.users.users.mysql; in
|
||||
[{ directory = "/var/lib/mysql"; user = user.name; group = user.group; mode = "0750"; }]
|
||||
else []
|
||||
);
|
||||
};
|
||||
};
|
||||
|
@ -37,6 +37,10 @@ nebula:
|
||||
key: ENC[AES256_GCM,data:9o6EkfTWOU0KwnJsgHML4E7VOfzo3LHnlOkV8ubhi6aayXImC3lAaoPrqUI=,iv:KHprijN7z+4FIIW+D5klDM9a9VzMJ5xawPc7jJtbHmk=,tag:0DAmxoz8D5f38ndPbkNW+g==,type:str]
|
||||
vaultwarden:
|
||||
admin_token: ENC[AES256_GCM,data:muavuOY88Lm4rSEoCp4IIPp7Z+sqf36VwpnPgf+K6IwwFkUgYM1GO80ogReYWqqUM6ij1Yzl5D9ncUbq+aGTKQ==,iv:jA4MRJlz71CMmPnWjb2tGbbIoMkEsESUowhXDckKKMI=,tag:l0HaJmnU29YeFUxjOgN3Kg==,type:str]
|
||||
mariadb:
|
||||
photoprism: ENC[AES256_GCM,data:TF1SZVFnvzyE+7vrHYYUS4Juqhbiw9QcJx7p3Xj88xyBFcTqS1YjzAKs/9GQ1PuzdBrt6hXm/XtJILHiuktnSg==,iv:sd9sQEuIePL6LzUYbFtmdecJ57sMrkF0coalBf8KFqQ=,tag:P/knaKYTJ+aXu4l6IixISA==,type:str]
|
||||
photoprism:
|
||||
adminPassword: ENC[AES256_GCM,data:gB81joOfS8h05BNy2YmD/N0cpLPa/vAduDcQBeHiY/WkcnvqSXnXsOfnvbP74KQfoP4W35oFkfyGVPUBSB83tg==,iv:AkN2NoqMXVHQA9fHTTR7xbEapEqy/D61mHn7O23hyYk=,tag:WV+siDA3VnRkOYnP4Z9Qhw==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
@ -61,8 +65,8 @@ sops:
|
||||
SnFHS1Z0SXUzTFdEd29KTy9DU3Y3R0UKfhh+rUmWDrf+UGjclP57dHipPLFoXSqy
|
||||
HdelmfV6q4/c7ppx2E+oZw3VNgoZCsrxxzYZfwxHJiZb+5vkE0D8iA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2023-10-03T10:45:14Z"
|
||||
mac: ENC[AES256_GCM,data:dTFsYradzzxlcm3nUApxLwEwUabACPe7J02WUHOEorMIV43QDYqn9tdvclTcfVD7As/b3Mfk+ZYYiAtIB40IiFJFUVk52e7IBOrg7nb724ZQBA2QAmYxk4I+I5lwXaX4zRIP/AiFcqOFcSVoHXJyFyQeuF/7HrXAQ4H2JsM2Vdo=,iv:01BALeMnxiAhgZRSLWJVNfUjbgMq2aSmNiKQ0dpT/KY=,tag:0d9Oa8eGazcsfb6e/0L/Mw==,type:str]
|
||||
lastmodified: "2023-10-04T02:57:49Z"
|
||||
mac: ENC[AES256_GCM,data:IMDUB1yP23qhDyP+erbw7TsS0hl9Fzu/SKjMFmt/8qzH5OoJ/qDVYEQGOMaWjsLVtUWM8rNn3UkSje0NT1psQOPg23PFXWSaP+OktV1dZ6uqJcZ53LGV5jMIPmSjD8q5R3DJixctYBnhozRtwJiNLLptSHBPK82YZtH3jEW9Sus=,iv:fkK0bhXZncQwMmTdcdqM65+yMOnBlwZpa+NQ5LW/uBk=,tag:aO881OMoch0GsIhiC4awTw==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.7.3
|
||||
|
Loading…
Reference in New Issue
Block a user