jawz/NixOS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

masive rewriting and setup of server files

Browse Source
This commit is contained in:
Danilo Reyes
2024-09-28 23:10:03 -06:00
parent f9399c51fa
commit 9151ca5971
39 changed files with 756 additions and 556 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
modules/servers/flame.nix
View File

@@ -2,51 +2,59 @@
lib,
config,
proxyReverse,
setup,
...
}:
let
port = 5005;
portSecret = 5007;
cfg = config.my.servers.flame;
cfgS = config.my.servers.flameSecret;
enable = (cfg.enable || cfgS.enable);
in
{
options.my.servers = {
flame.enable = lib.mkEnableOption "enable";
flameSecret.enable = lib.mkEnableOption "enable";
flame = setup.mkOptions "flame" "start" 5005;
flameSecret = setup.mkOptions "flameSecret" "qampqwn4wprhqny8h8zj" 5007;
};
config = lib.mkIf config.my.servers.flame.enable {
sops.secrets.flame.sopsFile = ../../secrets/env.yaml;
virtualisation.oci-containers.containers = {
flame = {
config = {
networking.firewall.allowedTCPPorts = lib.mkIf (!cfg.isLocal || !cfgS.isLocal) [
cfg.port
cfgS.port
];
sops.secrets = lib.mkIf enable { flame.sopsFile = ../../secrets/env.yaml; };
virtualisation.oci-containers.containers = lib.mkIf enable {
flame = lib.mkIf cfg.enable {
autoStart = true;
image = "pawelmalak/flame";
ports = [ "${toString port}:${toString port}" ];
ports = [ "${toString cfg.port}:${toString cfg.port}" ];
volumes = [
"${config.my.containerData}/flame:/app/data"
"${config.my.containerSocket}:${config.my.containerSocket}"
];
environmentFiles = [ config.sops.secrets.flame.path ];
environment = {
TZ = "America/Mexico_City";
TZ = config.my.timeZone;
PUID = "1000";
PGID = "100";
};
};
flame-nsfw = {
flame-nsfw = lib.mkIf cfgS.enable {
autoStart = true;
image = "pawelmalak/flame";
ports = [ "${toString portSecret}:${toString port}" ];
ports = [ "${toString cfgS.port}:${toString cfg.port}" ];
volumes = [ "${config.my.containerData}/flame-nsfw:/app/data" ];
environmentFiles = [ config.sops.secrets.flame.path ];
environment = {
TZ = "America/Mexico_City";
TZ = config.my.timeZone;
PUID = "1000";
PGID = "100";
};
};
};
services.nginx = {
virtualHosts."start.${config.my.domain}" = proxyReverse port // { };
virtualHosts."qampqwn4wprhqny8h8zj.${config.my.domain}" = proxyReverse portSecret // { };
virtualHosts = lib.mkIf (cfg.enableProxy || cfgS.enableProxy) {
"${cfg.host}" = proxyReverse cfg.hostName cfg.port // { };
"${cfgS.host}" = proxyReverse cfgS.hostName cfgS.port // { };
};
};
};
}