Merge branch 'main' of ssh://gitea.xeovalyte.dev:2222/xeovalyte/nix

2025-05-17 13:12:28 +02:00 · 2025-05-17 13:12:28 +02:00 · 2f90d8e0e8
commit 2f90d8e0e8
parent 2df3077b80 1628be3e62
1 changed files with 60 additions and 0 deletions
--- a/modules/home/containers/static.nix
+++ b/modules/home/containers/static.nix
@ -0,0 +1,60 @@
+{ config, lib, ... }:
+
+with lib;
+
+let
+  cfg = config.settings.containers.static;
+in {
+  options = {
+    settings.containers.static.enable = lib.mkOption {
+      type = lib.types.bool;
+      default = false;
+      description = ''
+        Enable static pages containers
+      '';
+    };
+  };
+
+  config = mkIf cfg.enable {
+    settings.services.sops.enable = true;
+
+    services.podman.containers.wrbapp = {
+      image = "gitea.xeovalyte.dev/xeovalyte/wrbapp:latest";
+      network = "proxy";
+      environmentFile = [
+        "${config.sops.templates."container-wrbapp.env".path}"
+      ];
+    };
+
+    services.podman.containers.hunshin = {
+      image = "gitea.xeovalyte.dev/xeovalyte/hunshin:latest";
+      network = "proxy";
+    };
+
+    services.podman.containers.bijlobke = {
+      image = "gitea.xeovalyte.dev/xeovalyte/bijlobke:latest";
+      network = "proxy";
+    };
+
+    services.podman.containers.ardsite = {
+      image = "gitea.xeovalyte.dev/ardsite/ardsite:latest";
+      network = "proxy";
+    };
+
+    sops.templates = {
+      "container-wrbapp.env" = {
+        content = ''
+          NUXT_PRIVATE_KEY_ID: "${config.sops.placeholder."containers/wrbapp/private-key-id"}"
+          NUXT_PRIVATE_KEY: "${config.sops.placeholder."containers/wrbapp/private-key"}"
+          NUXT_CLIENT_ID: "${config.sops.placeholder."containers/wrbapp/client-id"}"
+        ''
+      };
+    };
+
+    sops.secrets = {
+      "containers/wrbapp/private-key-id" = { };
+      "containers/wrbapp/private-key" = { };
+      "containers/wrbapp/client-id" = { };
+    };
+  };
+}