xeovalyte/nix
1
1
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Added more services

Browse Source
This commit is contained in:
Timo Boomers 2025-05-09 13:06:33 +02:00
parent 87b73dc10e
commit ad155e63ce
7 changed files with 207 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
hosts/v-th-ctr-01/home.nix
View File

@ -53,6 +53,8 @@
beszel.enable = true;
storage.enable = true;
homeassistant.enable = true;
karakeep.enable = true;
vikunja.enable = true;
};
};

10
modules/home/containers/caddy.nix
View File

@ -108,6 +108,16 @@ in {
handle @homeassistant {
reverse_proxy homeassistant:8123
}
@karakeep host karakeep.local.tbmrs.nl
handle @karakeep {
reverse_proxy karakeep:3000
}
@vikunja host vikunja.local.tbmrs.nl
handle @vikunja {
reverse_proxy vikunja:3456
}
}
'';
};

108
modules/home/containers/homepage.nix
View File

@ -37,40 +37,19 @@ in {
description = "server from Timo";
theme = "dark";
color = "slate";
layout = {
Services = {
style = "row";
columns = "4";
};
Infra = {
style = "row";
columns = "4";
};
};
};
home.file."containers/homepage/config/services.yaml".source = (pkgs.formats.yaml { }).generate "services" [
{
"Infra" = [
{
"Kanidm" = {
href = "https://auth.tbmrs.nl";
description = "Oauth2 and ldap provider";
icon = "kanidm";
server = "podman";
container = "kanidm";
};
}
{
"Uptime Kuma" = {
href = "https://uptime.tbmrs.nl";
description = "Uptime and status";
icon = "uptime-kuma";
server = "podman";
container = "uptime-kuma";
};
}
{
"Beszel" = {
href = "https://monitor.local.tbmrs.nl";
description = "Server monitoring";
icon = "beszel";
server = "podman";
container = "beszel";
};
}
];
}
{
"Services" = [
{
@ -118,6 +97,73 @@ in {
container = "paperless-ngx";
};
}
{
"Home Assistant" = {
href = "https://home-assistant.local.tbmrs.nl";
description = "Home automation";
icon = "home-assistant";
server = "podman";
container = "homeassistant";
};
}
{
"Syncthing" = {
href = "https://syncthing.local.tbmrs.nl";
description = "File syncronisation";
icon = "syncthing";
server = "podman";
container = "syncthing";
};
}
{
"Dufs" = {
href = "https://files.tbmrs.nl";
description = "File management";
icon = "dufs";
server = "podman";
container = "dufs";
};
}
{
"Karakeep" = {
href = "https://karakeep.local.tbmrs.nl";
description = "Data hoarder";
icon = "karakeep";
server = "podman";
container = "karakeep";
};
}
];
}
{
"Infra" = [
{
"Kanidm" = {
href = "https://auth.tbmrs.nl";
description = "Oauth2 and ldap provider";
icon = "kanidm";
server = "podman";
container = "kanidm";
};
}
{
"Uptime Kuma" = {
href = "https://uptime.tbmrs.nl";
description = "Uptime and status";
icon = "uptime-kuma";
server = "podman";
container = "uptime-kuma";
};
}
{
"Beszel" = {
href = "https://monitor.local.tbmrs.nl";
description = "Server monitoring";
icon = "beszel";
server = "podman";
container = "beszel";
};
}
];
}
];

82
modules/home/containers/karakeep.nix Normal file
View File

@ -0,0 +1,82 @@
{ config, lib, ... }:
with lib;
let
cfg = config.settings.containers.karakeep;
in {
options = {
settings.containers.karakeep.enable = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Enable karakeep container
'';
};
};
config = mkIf cfg.enable {
services.podman.containers.karakeep = {
image = "ghcr.io/karakeep-app/karakeep:release";
network = "proxy";
volumes = [
"%h/containers/karakeep/data:/data"
];
environment = {
MEILI_ADDR = "http://karakeep-meilisearch:7700";
BROWSER_WEB_URL = "http://karakeep-chrome:9222";
DATA_DIR = "/data";
};
environmentFile = [
"${config.sops.templates."container-karakeep.env".path}"
];
extraConfig = {
Unit = {
After = [
"podman-karakeep-chrome.service"
"podman-karakeep-meilisearch.service"
];
Requires = [
"podman-karakeep-chrome.service"
"podman-karakeep-meilisearch.service"
];
};
};
};
services.podman.containers.karakeep-chrome = {
image = "gcr.io/zenika-hub/alpine-chrome:123";
network = "proxy";
exec = "--no-sandbox --disable-gpu --disable-dev-shm-usage --remote-debugging-address=0.0.0.0 --remote-debugging-port=9222 --hide-scrollbars";
};
services.podman.containers.karakeep-meilisearch = {
image = "getmeili/meilisearch:v1.13.3";
network = "proxy";
environment = {
MEILI_NO_ANALYTICS = "true";
};
volumes = [
"%h/containers/karakeep/meilisearch:/meili_data"
];
};
settings.services.sops.enable = true;
sops.secrets = {
"containers/karakeep/nextauth-secret" = { };
"containers/karakeep/meili-key" = { };
};
sops.templates = {
"container-karakeep.env" = {
content = ''
KARAKEEP_VERSION=release
NEXTAUTH_SECRET=${config.sops.placeholder."containers/karakeep/nextauth-secret"}
MEILI_MASTER_KEY=${config.sops.placeholder."containers/karakeep/meili-key"}
NEXTAUTH_URL=https://karakeep.local.tbmrs.nl
'';
};
};
};
}

29
modules/home/containers/vikunja.nix Normal file
View File

@ -0,0 +1,29 @@
{ config, lib, ... }:
with lib;
let
cfg = config.settings.containers.vikunja;
in {
options = {
settings.containers.vikunja.enable = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Enable vikunja container
'';
};
};
config = mkIf cfg.enable {
services.podman.containers.vikunja = {
image = "vikunja/vikunja";
network = "proxy";
userNS = "keep-id";
volumes = [
"%h/containers/vikunja/files:/app/vikunja/files"
"%h/containers/vikunja/db:/db"
];
};
};
}

2
modules/home/default.nix
View File

@ -40,5 +40,7 @@
./containers/beszel.nix
./containers/storage.nix
./containers/homeassistant.nix
./containers/karakeep.nix
./containers/vikunja.nix
];
}

7
secrets/deploy.yaml
View File

@ -4,6 +4,9 @@ containers:
oidc-secret: ENC[AES256_GCM,data:jO5fvIK/1XnFweqKvedPMED0xvsqErjDP+eT7wAwXFuREbS6KakwY7pUzi20wdI0,iv:SnnmXiZoawpZV83483esQ1TIaFTACiIUcA6hcoXsw0I=,tag:cC/ftyj8jlK1re/rX4IiEw==,type:str]
beszel:
key: ENC[AES256_GCM,data:rRtx8Jx/aHOqeRa9dlyc42/62UwwqhkiLDLnZCM65rpW5nL5cQG2dS81YOMVPrE7Sa/cHlE3bvxqETaxMmsJGYukjmZph8skpF0qukCDe4Q=,iv:OS/+jF4MtwPdijXPpG2pgpJQTYyer9bms97B+kO8XhI=,tag:va7jCSGrXp2YKBlYzLI39g==,type:str]
karakeep:
nextauth-secret: ENC[AES256_GCM,data:ck8O7bZOcpxOB6dQRDchPBaFinVtzBphOvT2oQcdTcnRj0PFCMF7mKcEbRFvk6hi,iv:98su3bR8jMLr1jF5XBiNePMZ7qz4pMDQ6B4i8rMxIQQ=,tag:cfqzRVf9NDhsb1cvG8Tq+w==,type:str]
meili-key: ENC[AES256_GCM,data:YrIlR+f94wcTlWqfYdqUWOZGp8QaPtLQeXi+ok54bXnuKvv1qjkuAbKuClyi4MS9,iv:OjAmWJWmGtIsSeIFWNlqT8hv8H8LLz+WQtvlvyu9Lx0=,tag:8jI5LBhMG3hhji7+dE6shg==,type:str]
paperless-ngx:
db-password: ENC[AES256_GCM,data:H21HVshmFuWJ5qNIrjm0VMGHEsT7cCvScgamU+CAaNZ6j5ux/r4xiF9zP7Qh40sKTOvyoWGTcHGPHE5ClpGuQA==,iv:tDIRfThBOfHr+gGRqywlHAk/x4MkhHRFsJEp5nnlGPA=,tag:XbYKD90l3u93Ur4VOqOn6w==,type:str]
secret: ENC[AES256_GCM,data:+1hriBiSbt+zUjEkBTEM90PFNlxfNwRAmz8wHyeyOnq6ThI+PtlDu83sunBFL2FUYJX0N4h3R4FvJBUkrPr0NQ==,iv:zzhFaoLnskspp1S291KABLZITgcof63cjShnsZrlAmw=,tag:+aafTLgZVBWeclQLQvVlQg==,type:str]
@ -23,8 +26,8 @@ sops:
bGpsMnpoQWlxbmlobVdVSjU2ZWp1dGMKql+6ZqtuixZ9TJgJMaTOFsB0gsLLvuqE
ZQikUHunrP8d5n/TvzL4VyIF2Oqy+cjTnjX/9fcqsjB6w3oY4qDXkg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-04-30T13:11:24Z"
mac: ENC[AES256_GCM,data:JA1T9q0otjshJWyb8fingvD0CmYyTKdhvNMI3RVoZaMEAwBV4AwMCftG9zWMOgof4NcG4EhdOI7KG7qhctpo25K9j5IhaY8GA/p7BStBopuowTTUZecWHxXy4OFEtuW1PXBGrkgfkupV+RZfeisoa1gGFhQ2tW+fOqtoTFFCLHA=,iv:CM5zgvA2krzLHGiVeiSTVzcswwk9+QJmNCr+3hqw+To=,tag:H0x1UasoXNb38+Cq0CP0YA==,type:str]
lastmodified: "2025-05-06T15:45:07Z"
mac: ENC[AES256_GCM,data:1B0X0XIdI+fVeuusfyrcXR8HPhcWM5pjkJG7UoAgIBfGxROHzZm8KTvW/LGxZ9JKHBUjnt4YVr7ZECGTNFEyH/xo0N8aJ66BqT0TxfKHydWVA5odS0dCPXs/8yDNItGaVjJyNpdn0NpRHCCDCGHjo16XILSVoOxbs6BIQ5wVvEE=,iv:h5x99Svyod4iSBdmRDcy9VelYzEV9ArKQVeNuMmEMGQ=,tag:PTLqyRFa45NyR5mDKxBgmg==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.9.4