photoprism: add to fwminex
This commit is contained in:
parent
fd9a4821a0
commit
14b85ab2bb
@ -209,6 +209,7 @@
|
|||||||
sasl-passwd.file = ./secrets/postfix_sasl_passwd.age;
|
sasl-passwd.file = ./secrets/postfix_sasl_passwd.age;
|
||||||
headscale-client-oidc.file = ./secrets/headscale/oidc_client_secret2.age;
|
headscale-client-oidc.file = ./secrets/headscale/oidc_client_secret2.age;
|
||||||
borgbackup-password.file = ./secrets/fwminex/borgbackup-password.age;
|
borgbackup-password.file = ./secrets/fwminex/borgbackup-password.age;
|
||||||
|
photoprism-admin-passwd.file = ./secrets/photoprism/admin_password.age;
|
||||||
syncthing-key.file = ./secrets/fwminex/syncthing/key.pem.age;
|
syncthing-key.file = ./secrets/fwminex/syncthing/key.pem.age;
|
||||||
syncthing-cert.file = ./secrets/fwminex/syncthing/cert.pem.age;
|
syncthing-cert.file = ./secrets/fwminex/syncthing/cert.pem.age;
|
||||||
};
|
};
|
||||||
|
@ -116,6 +116,16 @@ in
|
|||||||
subnetCIDR = myData.subnets.tailscale.cidr;
|
subnetCIDR = myData.subnets.tailscale.cidr;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
photoprism = {
|
||||||
|
enable = true;
|
||||||
|
uidgid = myData.uidgid.photoprism;
|
||||||
|
paths = {
|
||||||
|
"M-Camera" = "/home/motiejus/annex2/M-Active";
|
||||||
|
"Pictures" = "/home/motiejus/annex2/Pictures";
|
||||||
|
};
|
||||||
|
passwordFile = config.age.secrets.photoprism-admin-passwd.path;
|
||||||
|
};
|
||||||
|
|
||||||
btrfsborg = {
|
btrfsborg = {
|
||||||
enable = true;
|
enable = true;
|
||||||
passwordPath = config.age.secrets.borgbackup-password.path;
|
passwordPath = config.age.secrets.borgbackup-password.path;
|
||||||
|
@ -13,6 +13,7 @@
|
|||||||
./matrix-synapse
|
./matrix-synapse
|
||||||
./node_exporter
|
./node_exporter
|
||||||
./nsd-acme
|
./nsd-acme
|
||||||
|
./photoprism
|
||||||
./postfix
|
./postfix
|
||||||
./remote-builder
|
./remote-builder
|
||||||
./sshguard
|
./sshguard
|
||||||
|
34
modules/services/photoprism/default.nix
Normal file
34
modules/services/photoprism/default.nix
Normal file
@ -0,0 +1,34 @@
|
|||||||
|
{ config, lib, ... }:
|
||||||
|
let
|
||||||
|
cfg = config.mj.services.photoprism;
|
||||||
|
in
|
||||||
|
{
|
||||||
|
options.mj.services.photoprism = with lib.types; {
|
||||||
|
enable = lib.mkEnableOption "enable photoprism";
|
||||||
|
uidgid = lib.mkOption { type = int; };
|
||||||
|
paths = lib.mkOption { type = attrsOf str; };
|
||||||
|
passwordFile = lib.mkOption { type = str; };
|
||||||
|
};
|
||||||
|
|
||||||
|
config = lib.mkIf cfg.enable {
|
||||||
|
services.photoprism = {
|
||||||
|
enable = true;
|
||||||
|
originalsPath = "/data";
|
||||||
|
passwordFile = cfg.passwordFile;
|
||||||
|
};
|
||||||
|
|
||||||
|
systemd.services.photoprism.serviceConfig = {
|
||||||
|
ProtectHome = lib.mkForce "tmpfs";
|
||||||
|
BindPaths = lib.mapAttrsToList (name: srcpath: "${srcpath}:/data/${name}") cfg.paths;
|
||||||
|
};
|
||||||
|
|
||||||
|
users = {
|
||||||
|
groups.photoprism.gid = cfg.uidgid;
|
||||||
|
users.photoprism = {
|
||||||
|
group = "photoprism";
|
||||||
|
uid = cfg.uidgid;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
}
|
21
secrets.nix
21
secrets.nix
@ -35,7 +35,6 @@ in
|
|||||||
"secrets/grafana.jakstys.lt/oidc.age"
|
"secrets/grafana.jakstys.lt/oidc.age"
|
||||||
"secrets/letsencrypt/account.key.age"
|
"secrets/letsencrypt/account.key.age"
|
||||||
"secrets/vaultwarden/secrets.env.age"
|
"secrets/vaultwarden/secrets.env.age"
|
||||||
"secrets/photoprism/admin_password.age"
|
|
||||||
|
|
||||||
"secrets/synapse/jakstys_lt_signing_key.age"
|
"secrets/synapse/jakstys_lt_signing_key.age"
|
||||||
"secrets/synapse/registration_shared_secret.age"
|
"secrets/synapse/registration_shared_secret.age"
|
||||||
@ -52,13 +51,19 @@ in
|
|||||||
"secrets/mtworx/syncthing/key.pem.age"
|
"secrets/mtworx/syncthing/key.pem.age"
|
||||||
"secrets/mtworx/syncthing/cert.pem.age"
|
"secrets/mtworx/syncthing/cert.pem.age"
|
||||||
]
|
]
|
||||||
// mk (
|
//
|
||||||
[
|
mk
|
||||||
fwminex
|
(
|
||||||
vno1-oh2
|
[
|
||||||
]
|
fwminex
|
||||||
++ motiejus
|
vno1-oh2
|
||||||
) [ "secrets/headscale/oidc_client_secret2.age" ]
|
]
|
||||||
|
++ motiejus
|
||||||
|
)
|
||||||
|
[
|
||||||
|
"secrets/headscale/oidc_client_secret2.age"
|
||||||
|
"secrets/photoprism/admin_password.age"
|
||||||
|
]
|
||||||
// mk ([ fwminex ] ++ motiejus) [
|
// mk ([ fwminex ] ++ motiejus) [
|
||||||
"secrets/motiejus_server_passwd_hash.age"
|
"secrets/motiejus_server_passwd_hash.age"
|
||||||
"secrets/root_server_passwd_hash.age"
|
"secrets/root_server_passwd_hash.age"
|
||||||
|
@ -1,13 +1,15 @@
|
|||||||
age-encryption.org/v1
|
age-encryption.org/v1
|
||||||
-> ssh-ed25519 gJrHQg J4jt86oFW6/8u/gNy+h5kOjF4pZXkbkXoimTHxH58E4
|
-> ssh-ed25519 fqSa6A Dxw4Yb/C9PzMgO49smrCkVaP+YESYBfS64Ii1IfXgg8
|
||||||
P8UA4DwfPL/MbCSmQkbrThnREius58hAZviwmpHRKOs
|
uuQOMSaVjc/K5qAZ1+5TxCwjseOjAxbEqUUCRCvPYwU
|
||||||
-> X25519 D+CpN17IlppGLn2W2SIc88p2Wmwx2jgsPI3Z3SKR5lA
|
-> ssh-ed25519 gJrHQg bBclusEL1MmrdLac7r2LPjcaCHIYINijeYplX06R5Rw
|
||||||
4U4xal+3615teXDDM4QJSTTnvJdswvXkiLacHIykPyE
|
+GJmZL97TKRRjuo3pnTNWNdrCESes6yhcVRdsppWbf4
|
||||||
-> X25519 nI451keJ6bNMwKI7EcptuTx0nprixcK08e5CTN3VyWQ
|
-> X25519 P2aYdVsDhHO6ccVnZltF5tDp4tjrEYcH0JRZVvYD8VE
|
||||||
VPnDvaB+9l1kVbsVS6i8vc9qBD58FAmoTR632pdwAvQ
|
KGKzzAAOSVGLBSSEXwuPpdCdOSmLOmdssBpSqDKnu6Q
|
||||||
-> piv-p256 +y2G/w AvvF24onxbHGbZBUqOjmqqUb7RULMVtDpi8xgRZExElJ
|
-> X25519 1fk/pqQ7ATDWcL7xQAwJUmpqvVKdMkxoCj0v7UUsHhM
|
||||||
SIoPHQZO52yN+AB5a7OzmYdxp9Wyd974gjQDR0REtcE
|
BLl3AeOiReWRJsREfsyVHzC5I1khh7UtzpMVV2+R8yg
|
||||||
-> piv-p256 jNqd3A An1S6Ckmap7jCI2x4u9qi7TPKodv0U1P2CUOj+Ea3vWB
|
-> piv-p256 +y2G/w Aow8xYmpm6//miZjz+Ds9BdDoYJSu+AXGGeTNR+y2bbu
|
||||||
iNeGD/XbubkzYuBrNmI725O4CFa6vLD8nTahQivT8xU
|
p3mBLi7ALbi77RpdbhwktlfdVmZl3mtMMiWcZKU8ioM
|
||||||
--- svZOvg6nshQpjaikx4U+6Y+fyCEp/twchG3q0Zy1QZc
|
-> piv-p256 jNqd3A AkGJxdX+jt55MDeKs6SAwxEjzRSGTTResWirSv6MnBxb
|
||||||
e_
ńehTíĺZ<>$ZďzÍt‚Č€ĹćöŐîbqȨŘ$ťŤ(2%ŃŚµť7h!fŮW
|
GRTr75vpAWtd5zePgJ1tLdW/g43oZte0ywj4qJcjqvY
|
||||||
|
--- bYkldM1/bQCq4iDpgxIr1ueqfFXhKlLh27l0ZCq/KYw
|
||||||
|
6PGn¿Šö@3€™ß?Ó(·âÝøÛ¼¯5p¬~çfB†ô<18>÷ÏpõB¶¸d=Æ
|
Loading…
Reference in New Issue
Block a user