xeovalyte/nix
1
1
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

added linkding

Browse Source
This commit is contained in:
Timo Boomers 2025-05-20 15:36:56 +02:00
parent f09dfbc108
commit fe6d12b060
5 changed files with 64 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
hosts/v-th-ctr-01/home.nix
View File

@ -56,6 +56,7 @@
karakeep.enable = true;
vikunja.enable = true;
stalwart.enable = true;
linkding.enable = true;
};
};

5
modules/home/containers/caddy.nix
View File

@ -126,6 +126,11 @@ in {
handle @vikunja {
reverse_proxy vikunja:3456
}
@linkding host linkding.local.tbmrs.nl
handle @linkding {
reverse_proxy linkding:9090
}
}
'';
};

53
modules/home/containers/linkding.nix Normal file
View File

@ -0,0 +1,53 @@
{ config, lib, ... }:
with lib;
let
cfg = config.settings.containers.linkding;
in {
options = {
settings.containers.linkding.enable = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Enable linkding container
'';
};
};
config = mkIf cfg.enable {
services.podman.containers.linkding = {
image = "ghcr.io/sissbruecker/linkding:latest";
network = "proxy";
volumes = [
"%h/containers/linkding/data:/etc/linkding/data"
];
environment = {
LD_ENABLE_OIDC = "True";
OIDC_RP_CLIENT_ID = "linkding";
OIDC_OP_AUTHORIZATION_ENDPOINT = "https://auth.tbmrs.nl/ui/oauth2";
OIDC_OP_TOKEN_ENDPOINT = "https://auth.tbmrs.nl/oauth2/token";
OIDC_OP_USER_ENDPOINT = "https://auth.tbmrs.nl/oauth2/openid/linkding/userinfo";
OIDC_OP_JWKS_ENDPOINT = "https://auth.tbmrs.nl/oauth2/openid/linkding/public_key.jwk";
OIDC_RP_SIGN_ALGO = "ES256";
};
environmentFile = [
"${config.sops.templates."container-linkding.env".path}"
];
};
settings.services.sops.enable = true;
sops.templates = {
"container-linkding.env" = {
content = /*bash*/ ''
OIDC_RP_CLIENT_SECRET=${config.sops.placeholder."containers/linkding/oidc-secret"}
'';
};
};
sops.secrets = {
"containers/linkding/oidc-secret" = { };
};
};
}

1
modules/home/default.nix
View File

@ -45,6 +45,7 @@
./containers/vikunja.nix
./containers/stalwart.nix
./containers/static.nix
./containers/linkding.nix
];
config = {

6
secrets/deploy.yaml
View File

@ -2,6 +2,8 @@ example-key: ENC[AES256_GCM,data:+fugS5JmmpnH2CJdDg==,iv:SgpzREfqbgBgd8psV7Optl4
containers:
pingvin-share:
oidc-secret: ENC[AES256_GCM,data:NYeCjqcwmBD4TK3Ma1d/OlgCAcgMkOHecGlaNat28ZQtzBJmzjYllcB06F3VUZtq,iv:SnnmXiZoawpZV83483esQ1TIaFTACiIUcA6hcoXsw0I=,tag:iWuZvHe9bqvn/+NOLUkO1Q==,type:str]
linkding:
oidc-secret: ENC[AES256_GCM,data:nHY/qyZVK8soqdCgPJfh1gQlh/2+w4CU83+xbpLMQZ0/17qEuh53C1cC5mUXyQjV,iv:IlbwHY8BXB93L0UYDU9jmbXX7s6ovHQp9BUAmDBhgwk=,tag:VqaIRKeNUTPScsaLQ0H6VQ==,type:str]
beszel:
key: ENC[AES256_GCM,data:pnk1AUQvhdj4WJOqSB+3bnuNYeOU3xucacLVnUY8D8ulXJUOs1UOc3rlv27IGEbGurEWmbrghDZlIyM91jtWQZN4P2SpwR18ry6PJVYKXCY=,iv:OS/+jF4MtwPdijXPpG2pgpJQTYyer9bms97B+kO8XhI=,tag:G+6ur+SwFJS5Sq69hl2faA==,type:str]
karakeep:
@ -26,8 +28,8 @@ sops:
YW9ScGtXMCtlTnFKZU1uSGxlNzhrY3cKkIJgEglWVxmgMx805z9hhkxM2Igbn3OF
9xXdHBqaWC+pepYoYyNSA8gnptto3I5BPsC5p9RSAI8bQLsi2ciR5Q==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-05-17T13:23:59Z"
mac: ENC[AES256_GCM,data:5vM+Isza9LfnM7dNLd7w9/kd08kUA/UqLYG9FLQLJtDEnUC5ypEmHHeoJMlVP4WvpDj58LCKNPKZq9VEGMr7ussFdbCx374ov9TZEsaR3/Ifla8Ad+yxo+cQ7nEIdk59VTMZD2leU5gcoxwCVJJDK5Cfdr96jIlbPQCyaycWUR0=,iv:lNX8liwqgoDmPk2d52i+VXKuYkeVdAAI5AsNqQZeSmo=,tag:OFhDlm3zUPiFeQZwBSDqWw==,type:str]
lastmodified: "2025-05-19T09:10:03Z"
mac: ENC[AES256_GCM,data:DYG42CpouwjfjLD5XV89sDPtRO3KbF54lD1VTjEziPIUl97GSj2a6ssY3/Z8IOkgSJ/09NHi3cucbG5Aakb7P4dvdxzQTmeV2rpQU/ZkxGJN6Au16AtuQlbFhyIYEO/cbUBgzt2FOYjwoO+IqbOCssY3lEnJf/MyypoiLmCNsF0=,iv:ftnnOu+6ufgrgkf8BzuMxQDpvRbjCPDWNWFXHsrqTr8=,tag:GchjRRn5k4FoMTANvJXZ8Q==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.9.4