mirror of
https://github.com/CHN-beta/nixos.git
synced 2024-10-23 07:08:45 +08:00
services.photoprism: init
This commit is contained in:
parent
2cbe5945b7
commit
990a5cf0be
@ -389,6 +389,7 @@
|
|||||||
vaultwarden.enable = true;
|
vaultwarden.enable = true;
|
||||||
meilisearch.ioLimitDevice = "/dev/mapper/root";
|
meilisearch.ioLimitDevice = "/dev/mapper/root";
|
||||||
beesd = { enable = false; instances.root = { device = "/"; hashTableSizeMB = 1024; }; };
|
beesd = { enable = false; instances.root = { device = "/"; hashTableSizeMB = 1024; }; };
|
||||||
|
photoprism.enable = true;
|
||||||
};
|
};
|
||||||
};})
|
};})
|
||||||
];
|
];
|
||||||
|
@ -22,6 +22,7 @@ inputs:
|
|||||||
./beesd.nix
|
./beesd.nix
|
||||||
./snapper.nix
|
./snapper.nix
|
||||||
./mariadb.nix
|
./mariadb.nix
|
||||||
|
./photoprism.nix
|
||||||
];
|
];
|
||||||
options.nixos.services = let inherit (inputs.lib) mkOption types; in
|
options.nixos.services = let inherit (inputs.lib) mkOption types; in
|
||||||
{
|
{
|
||||||
|
@ -27,6 +27,7 @@ inputs:
|
|||||||
mysql =
|
mysql =
|
||||||
{
|
{
|
||||||
enable = true;
|
enable = true;
|
||||||
|
package = inputs.pkgs.mariadb;
|
||||||
ensureDatabases = map (db: db.value.database) (attrsToList mariadb.instances);
|
ensureDatabases = map (db: db.value.database) (attrsToList mariadb.instances);
|
||||||
ensureUsers = map (db: { name = db.value.user; }) (attrsToList mariadb.instances);
|
ensureUsers = map (db: { name = db.value.user; }) (attrsToList mariadb.instances);
|
||||||
};
|
};
|
||||||
|
@ -6,5 +6,6 @@ inputs:
|
|||||||
./synapse.nix
|
./synapse.nix
|
||||||
./vaultwarden.nix
|
./vaultwarden.nix
|
||||||
./element.nix
|
./element.nix
|
||||||
|
./photoprism.nix
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
45
modules/services/nginx/applications/photoprism.nix
Normal file
45
modules/services/nginx/applications/photoprism.nix
Normal file
@ -0,0 +1,45 @@
|
|||||||
|
inputs:
|
||||||
|
{
|
||||||
|
options.nixos.services.nginx.applications.photoprism.instances = let inherit (inputs.lib) mkOption types; in mkOption
|
||||||
|
{
|
||||||
|
type = types.attrsOf (types.submodule (submoduleInputs: { options =
|
||||||
|
{
|
||||||
|
hostname = mkOption { type = types.nonEmptyStr; default = submoduleInputs.config._module.args.name; };
|
||||||
|
upstream = mkOption
|
||||||
|
{
|
||||||
|
type = types.oneOf [ types.nonEmptyStr (types.submodule { options =
|
||||||
|
{
|
||||||
|
address = mkOption { type = types.nonEmptyStr; default = "127.0.0.1"; };
|
||||||
|
port = mkOption { type = types.ints.unsigned; default = 2342; };
|
||||||
|
};})];
|
||||||
|
default = "127.0.0.1:9726";
|
||||||
|
};
|
||||||
|
};}));
|
||||||
|
default = {};
|
||||||
|
};
|
||||||
|
config =
|
||||||
|
let
|
||||||
|
inherit (inputs.config.nixos.services.nginx.applications.photoprism) instances;
|
||||||
|
inherit (inputs.localLib) attrsToList;
|
||||||
|
inherit (builtins) map listToAttrs toString;
|
||||||
|
in
|
||||||
|
{
|
||||||
|
nixos.services.nginx.http = listToAttrs (map
|
||||||
|
(proxy: with proxy.value;
|
||||||
|
{
|
||||||
|
name = hostname;
|
||||||
|
value =
|
||||||
|
{
|
||||||
|
rewriteHttps = true;
|
||||||
|
locations."/".proxy =
|
||||||
|
{
|
||||||
|
upstream = if builtins.typeOf upstream == "string" then "http://${upstream}"
|
||||||
|
else "http://${upstream.address}:${toString upstream.port}";
|
||||||
|
websocket = true;
|
||||||
|
setHeaders.Host = hostname;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
})
|
||||||
|
(attrsToList instances));
|
||||||
|
};
|
||||||
|
}
|
47
modules/services/photoprism.nix
Normal file
47
modules/services/photoprism.nix
Normal file
@ -0,0 +1,47 @@
|
|||||||
|
inputs:
|
||||||
|
{
|
||||||
|
options.nixos.services.photoprism = let inherit (inputs.lib) mkOption types; in
|
||||||
|
{
|
||||||
|
enable = mkOption { type = types.bool; default = false; };
|
||||||
|
hostname = mkOption { type = types.str; default = "photoprism.chn.moe"; };
|
||||||
|
port = mkOption { type = types.ints.unsigned; default = 2342; };
|
||||||
|
};
|
||||||
|
config =
|
||||||
|
let
|
||||||
|
inherit (inputs.lib) mkIf;
|
||||||
|
inherit (inputs.config.nixos.services) photoprism;
|
||||||
|
in mkIf photoprism.enable
|
||||||
|
{
|
||||||
|
services.photoprism =
|
||||||
|
{
|
||||||
|
enable = true;
|
||||||
|
originalsPath = inputs.config.services.photoprism.storagePath + "/originals";
|
||||||
|
settings =
|
||||||
|
{
|
||||||
|
PHOTOPRISM_SITE_URL = "https://${photoprism.hostname}";
|
||||||
|
PHOTOPRISM_HTTP_PORT = "${toString photoprism.port}";
|
||||||
|
PHOTOPRISM_DISABLE_TLS = "true";
|
||||||
|
PHOTOPRISM_DETECT_NSFW = "true";
|
||||||
|
PHOTOPRISM_UPLOAD_NSFW = "true";
|
||||||
|
PHOTOPRISM_DATABASE_DRIVER = "mysql";
|
||||||
|
PHOTOPRISM_DATABASE_SERVER = "127.0.0.1:3306";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
systemd.services.photoprism =
|
||||||
|
{
|
||||||
|
after = [ "mariadb.service" ];
|
||||||
|
requires = [ "mariadb.service" ];
|
||||||
|
serviceConfig.EnvironmentFile = inputs.config.sops.templates."photoprism/env".path;
|
||||||
|
};
|
||||||
|
sops =
|
||||||
|
{
|
||||||
|
templates."photoprism/env".content = let placeholder = inputs.config.sops.placeholder; in
|
||||||
|
''
|
||||||
|
PHOTOPRISM_ADMIN_PASSWORD=${placeholder."photoprism/adminPassword"}
|
||||||
|
PHOTOPRISM_DATABASE_PASSWORD=${placeholder."mariadb/photoprism"}
|
||||||
|
'';
|
||||||
|
secrets."photoprism/adminPassword" = {};
|
||||||
|
};
|
||||||
|
nixos.services.mariadb = { enable = true; instances.photoprism = {}; };
|
||||||
|
};
|
||||||
|
}
|
@ -69,6 +69,11 @@ inputs:
|
|||||||
if inputs.config.nixos.virtualization.kvmHost.enable then
|
if inputs.config.nixos.virtualization.kvmHost.enable then
|
||||||
[{ directory = "/var/lib/libvirt/images"; mode = "0711"; }]
|
[{ directory = "/var/lib/libvirt/images"; mode = "0711"; }]
|
||||||
else []
|
else []
|
||||||
|
)
|
||||||
|
++ (
|
||||||
|
if inputs.config.nixos.services.mariadb.enable then let user = inputs.config.users.users.mysql; in
|
||||||
|
[{ directory = "/var/lib/mysql"; user = user.name; group = user.group; mode = "0750"; }]
|
||||||
|
else []
|
||||||
);
|
);
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
@ -37,6 +37,10 @@ nebula:
|
|||||||
key: ENC[AES256_GCM,data:9o6EkfTWOU0KwnJsgHML4E7VOfzo3LHnlOkV8ubhi6aayXImC3lAaoPrqUI=,iv:KHprijN7z+4FIIW+D5klDM9a9VzMJ5xawPc7jJtbHmk=,tag:0DAmxoz8D5f38ndPbkNW+g==,type:str]
|
key: ENC[AES256_GCM,data:9o6EkfTWOU0KwnJsgHML4E7VOfzo3LHnlOkV8ubhi6aayXImC3lAaoPrqUI=,iv:KHprijN7z+4FIIW+D5klDM9a9VzMJ5xawPc7jJtbHmk=,tag:0DAmxoz8D5f38ndPbkNW+g==,type:str]
|
||||||
vaultwarden:
|
vaultwarden:
|
||||||
admin_token: ENC[AES256_GCM,data:muavuOY88Lm4rSEoCp4IIPp7Z+sqf36VwpnPgf+K6IwwFkUgYM1GO80ogReYWqqUM6ij1Yzl5D9ncUbq+aGTKQ==,iv:jA4MRJlz71CMmPnWjb2tGbbIoMkEsESUowhXDckKKMI=,tag:l0HaJmnU29YeFUxjOgN3Kg==,type:str]
|
admin_token: ENC[AES256_GCM,data:muavuOY88Lm4rSEoCp4IIPp7Z+sqf36VwpnPgf+K6IwwFkUgYM1GO80ogReYWqqUM6ij1Yzl5D9ncUbq+aGTKQ==,iv:jA4MRJlz71CMmPnWjb2tGbbIoMkEsESUowhXDckKKMI=,tag:l0HaJmnU29YeFUxjOgN3Kg==,type:str]
|
||||||
|
mariadb:
|
||||||
|
photoprism: ENC[AES256_GCM,data:TF1SZVFnvzyE+7vrHYYUS4Juqhbiw9QcJx7p3Xj88xyBFcTqS1YjzAKs/9GQ1PuzdBrt6hXm/XtJILHiuktnSg==,iv:sd9sQEuIePL6LzUYbFtmdecJ57sMrkF0coalBf8KFqQ=,tag:P/knaKYTJ+aXu4l6IixISA==,type:str]
|
||||||
|
photoprism:
|
||||||
|
adminPassword: ENC[AES256_GCM,data:gB81joOfS8h05BNy2YmD/N0cpLPa/vAduDcQBeHiY/WkcnvqSXnXsOfnvbP74KQfoP4W35oFkfyGVPUBSB83tg==,iv:AkN2NoqMXVHQA9fHTTR7xbEapEqy/D61mHn7O23hyYk=,tag:WV+siDA3VnRkOYnP4Z9Qhw==,type:str]
|
||||||
sops:
|
sops:
|
||||||
kms: []
|
kms: []
|
||||||
gcp_kms: []
|
gcp_kms: []
|
||||||
@ -61,8 +65,8 @@ sops:
|
|||||||
SnFHS1Z0SXUzTFdEd29KTy9DU3Y3R0UKfhh+rUmWDrf+UGjclP57dHipPLFoXSqy
|
SnFHS1Z0SXUzTFdEd29KTy9DU3Y3R0UKfhh+rUmWDrf+UGjclP57dHipPLFoXSqy
|
||||||
HdelmfV6q4/c7ppx2E+oZw3VNgoZCsrxxzYZfwxHJiZb+5vkE0D8iA==
|
HdelmfV6q4/c7ppx2E+oZw3VNgoZCsrxxzYZfwxHJiZb+5vkE0D8iA==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2023-10-03T10:45:14Z"
|
lastmodified: "2023-10-04T02:57:49Z"
|
||||||
mac: ENC[AES256_GCM,data:dTFsYradzzxlcm3nUApxLwEwUabACPe7J02WUHOEorMIV43QDYqn9tdvclTcfVD7As/b3Mfk+ZYYiAtIB40IiFJFUVk52e7IBOrg7nb724ZQBA2QAmYxk4I+I5lwXaX4zRIP/AiFcqOFcSVoHXJyFyQeuF/7HrXAQ4H2JsM2Vdo=,iv:01BALeMnxiAhgZRSLWJVNfUjbgMq2aSmNiKQ0dpT/KY=,tag:0d9Oa8eGazcsfb6e/0L/Mw==,type:str]
|
mac: ENC[AES256_GCM,data:IMDUB1yP23qhDyP+erbw7TsS0hl9Fzu/SKjMFmt/8qzH5OoJ/qDVYEQGOMaWjsLVtUWM8rNn3UkSje0NT1psQOPg23PFXWSaP+OktV1dZ6uqJcZ53LGV5jMIPmSjD8q5R3DJixctYBnhozRtwJiNLLptSHBPK82YZtH3jEW9Sus=,iv:fkK0bhXZncQwMmTdcdqM65+yMOnBlwZpa+NQ5LW/uBk=,tag:aO881OMoch0GsIhiC4awTw==,type:str]
|
||||||
pgp: []
|
pgp: []
|
||||||
unencrypted_suffix: _unencrypted
|
unencrypted_suffix: _unencrypted
|
||||||
version: 3.7.3
|
version: 3.7.3
|
||||||
|
Loading…
Reference in New Issue
Block a user