Bun/nixos-config
1
0
Fork 1
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Agenix secrets overhaul

Browse source
This commit is contained in:
Jimbo 2024-10-28 23:24:12 -04:00
parent 83796f7cb2
commit 55dcb2fca7
56 changed files with 530 additions and 137 deletions
Download patch file Download diff file Expand all files Collapse all files

44
modules/system/services/server/fileserver/public/photoprism/default.nix
View file

@ -1,30 +1,24 @@
{ config, ... }:
{
services = {
photoprism = {
enable = true;
port = 2342;
originalsPath = "/var/lib/private/photoprism/originals";
address = "0.0.0.0";
settings = {
PHOTOPRISM_ADMIN_USER = "jimbo";
PHOTOPRISM_ADMIN_PASSWORD = "${config.secrets.prismAdminPass}";
PHOTOPRISM_DEFAULT_LOCALE = "en";
PHOTOPRISM_DATABASE_DRIVER = "mysql";
PHOTOPRISM_DATABASE_NAME = "photoprism";
PHOTOPRISM_DATABASE_SERVER = "/run/mysqld/mysqld.sock";
PHOTOPRISM_DATABASE_USER = "photoprism";
PHOTOPRISM_SITE_URL = "https://gallery.${config.domains.jim1}";
PHOTOPRISM_SITE_TITLE = "Jimbo's PhotoPrism";
};
};
nginx.virtualHosts."gallery.${config.domains.jim1}" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:2342";
proxyWebsockets = true;
};
imports = [
./nginx
];
services.photoprism = {
enable = true;
port = 2342;
originalsPath = "/var/lib/private/photoprism/originals";
address = "0.0.0.0";
settings = {
PHOTOPRISM_ADMIN_USER = "jimbo";
PHOTOPRISM_ADMIN_PASSWORD = "${builtins.readFile config.age.secrets.prismAdminPass.path}";
PHOTOPRISM_DEFAULT_LOCALE = "en";
PHOTOPRISM_DATABASE_DRIVER = "mysql";
PHOTOPRISM_DATABASE_NAME = "photoprism";
PHOTOPRISM_DATABASE_SERVER = "/run/mysqld/mysqld.sock";
PHOTOPRISM_DATABASE_USER = "photoprism";
PHOTOPRISM_SITE_URL = "https://gallery.${config.domains.jim1}";
PHOTOPRISM_SITE_TITLE = "Jimbo's PhotoPrism";
};
};
}

11
modules/system/services/server/fileserver/public/photoprism/nginx/default.nix Normal file
View file

@ -0,0 +1,11 @@
{ config, ... }:
{
services.nginx.virtualHosts."gallery.${config.domains.jim1}" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:2342";
proxyWebsockets = true;
};
};
}