start work on photoprism
This commit is contained in:
parent
a1ee2b8562
commit
39e831c857
|
@ -29,6 +29,7 @@ in {
|
||||||
vault
|
vault
|
||||||
restic
|
restic
|
||||||
vaultwarden
|
vaultwarden
|
||||||
|
photoprism
|
||||||
])
|
])
|
||||||
|
|
||||||
./hardware.nix
|
./hardware.nix
|
||||||
|
@ -39,19 +40,7 @@ in {
|
||||||
|
|
||||||
nixpkgs.overlays = [
|
nixpkgs.overlays = [
|
||||||
(_final: prev: {
|
(_final: prev: {
|
||||||
# So we don't need to build all Vault
|
|
||||||
# when we already are using vault-bin on this server
|
|
||||||
vault = prev.vault-bin;
|
vault = prev.vault-bin;
|
||||||
|
|
||||||
# Have no need for HW Accel, hoping it works with this
|
|
||||||
jellyfin-ffmpeg = prev.ffmpeg_6-headless;
|
|
||||||
|
|
||||||
ffmpeg = prev.ffmpeg-headless;
|
|
||||||
ffmpeg_4 = prev.ffmpeg_4-headless;
|
|
||||||
ffmpeg_5 = prev.ffmpeg_5-headless;
|
|
||||||
ffmpeg_6 = prev.ffmpeg_6-headless;
|
|
||||||
ffmpeg_7 = prev.ffmpeg_7-headless;
|
|
||||||
|
|
||||||
mpd = prev.mpd-headless;
|
mpd = prev.mpd-headless;
|
||||||
})
|
})
|
||||||
];
|
];
|
||||||
|
|
22
hosts/hetzner-arm/profiles/photoprism.nix
Normal file
22
hosts/hetzner-arm/profiles/photoprism.nix
Normal file
|
@ -0,0 +1,22 @@
|
||||||
|
{...}: {
|
||||||
|
services.photoprism = {
|
||||||
|
enable = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
services.nginx.virtualHosts."vault.owo.monster" = {
|
||||||
|
forceSSL = true;
|
||||||
|
enableACME = true;
|
||||||
|
locations = {
|
||||||
|
"/" = {
|
||||||
|
proxyPass = "http://127.0.0.1:8200";
|
||||||
|
proxyWebsockets = true;
|
||||||
|
extraConfig = ''
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
proxy_set_header Host $host;
|
||||||
|
proxy_buffering off;
|
||||||
|
proxy_http_version 1.1;
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -24,7 +24,7 @@ in {
|
||||||
machinectl shell mail /usr/bin/env restic-mail $@
|
machinectl shell mail /usr/bin/env restic-mail $@
|
||||||
'')
|
'')
|
||||||
|
|
||||||
(pkgs.writeShellScriptBin "restic-backup-all" ''
|
(pkgs.writeShellScriptBin "restic-backup-all" ''
|
||||||
${concatStringsSep "\n" (forEach (attrNames config.services.restic.backups) (
|
${concatStringsSep "\n" (forEach (attrNames config.services.restic.backups) (
|
||||||
name: "systemctl start restic-backups-${name}.service"
|
name: "systemctl start restic-backups-${name}.service"
|
||||||
))}
|
))}
|
||||||
|
|
|
@ -1,13 +1,13 @@
|
||||||
{pkgs, ...}: {
|
{pkgs, ...}: {
|
||||||
services.vaultwarden = {
|
services.vaultwarden = {
|
||||||
enable = true;
|
enable = true;
|
||||||
backupDir = "/var/backup/vaultwarden";
|
backupDir = "/var/backup/vaultwarden";
|
||||||
config = {
|
config = {
|
||||||
DOMAIN = "https://vaultwarden.owo.monster";
|
DOMAIN = "https://vaultwarden.owo.monster";
|
||||||
ROCKET_ADDRESS = "127.0.0.1";
|
ROCKET_ADDRESS = "127.0.0.1";
|
||||||
ROCKET_PORT = 8222;
|
ROCKET_PORT = 8222;
|
||||||
SIGNUPS_ALLOWED = false;
|
SIGNUPS_ALLOWED = false;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
services.nginx.virtualHosts."vaultwarden.owo.monster" = {
|
services.nginx.virtualHosts."vaultwarden.owo.monster" = {
|
||||||
|
|
Loading…
Reference in a new issue