commit 157f72cef2afc87326443b4e8bd175a47bd2834d · pyrox.dev/nix

+49 -14

systems/x86_64-linux/marvin/services/pingvin-share.nix

···

       10
        
         configFormat = pkgs.formats.yaml { };

     

       11
        
         configFile = configFormat.generate "config.yaml" {

     

       12
        
           general = {

     

       13
       -
             appName = "dishNet Files";

     

       0
        
       
     

       14
        
             secureCookies = "true";

     

       0
        
       
     

       15
        
           };

     

       16
        
           share = {

     

       17
        
             allowRegistration = "false";

     

       18
        
             allowUnauthenticatedShares = "false";

     

       0
        
       
     

       19
        
           };

     

       20
        
           email.enableShareEmailRecipients = "true";

     

       21
        
           smtp = {

     
···

       29
        
           ldap.enabled = "false";

     

       30
        
           legal.enabled = "false";

     

       31
        
           s3.enabled = "false";

     

       32
       -
           initUser = {

     

       33
       -
             enabled = true;

     

       34
       -
             username = "dish";

     

       35
       -
             email = "pyrox@pyrox.dev";

     

       36
       -
             password = "ADMIN_PASSWORD";

     

       37
       -
             isAdmin = true;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       38
        
           };

     

       0
        
       
     

       39
        
         };

     

       40
        
       in

     

       41
        
       {

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       42
        
         services = {

     

       43
        
           pingvin-share = {

     

       44
       -
             enable = true;

     

       45
        
             backend.port = d.be-port;

     

       46
        
             frontend.port = d.port;

     

       47
        
             hostname = "share.pyrox.dev";

     

       48
        
             https = true;

     

       49
        
           };

     

       50
       -
           anubis.instances = lib.mkIf cfg.enable {

     

       51
        
             pingvin-share-be = {

     

       52
        
               settings = {

     

       53
        
                 BIND = ":${toString d.be-anubis}";

     
···

       65
        
           };

     

       66
        
         };

     

       67
        
         systemd.services.init-pingvin-config = {

     

       68
       -
           enable = cfg.enable;

     

       69
        
           description = "Pingvin Share configuration setup";

     

       70
        
           wantedBy = [ "multi-user.target" ];

     

       71
        
           before = [

     

       72
       -
             "pingvin-share-backend.service"

     

       73
       -
             "pingvin-share-frontend.service"

     

       74
        
           ];

     

       75
        
           path = [ pkgs.gnused ];

     

       76
        
           script = ''

     

       77
        
             rm ${cfg.dataDir}/config.yaml

     

       78
        
             cp ${configFile} ${cfg.dataDir}/config.yaml

     

       79
       -
             sed -i "s/SMTP_PASSWORD/$SMTP_PASSWORD/" ${cfg.dataDir}/config.yaml

     

       80
       -
             sed -i "s/ADMIN_PASSWORD/$ADMIN_PASSWORD/" ${cfg.dataDir}/config.yaml

     

       81
        
           '';

     

       82
        
           serviceConfig = {

     

       83
        
             EnvironmentFile = config.age.secrets.pingvin-secrets.path;

···

       10
        
         configFormat = pkgs.formats.yaml { };

     

       11
        
         configFile = configFormat.generate "config.yaml" {

     

       12
        
           general = {

     

       13
       +
             appName = "dishNet Share";

     

       14
       +
             appUrl = "https://share.pyrox.dev";

     

       15
        
             secureCookies = "true";

     

       16
       +
             showHomePage = "false";

     

       17
        
           };

     

       18
        
           share = {

     

       19
        
             allowRegistration = "false";

     

       20
        
             allowUnauthenticatedShares = "false";

     

       21
       +
             maxSize = "10000000000";

     

       22
        
           };

     

       23
        
           email.enableShareEmailRecipients = "true";

     

       24
        
           smtp = {

     
···

       32
        
           ldap.enabled = "false";

     

       33
        
           legal.enabled = "false";

     

       34
        
           s3.enabled = "false";

     

       35
       +
           oauth = {

     

       36
       +
             ignoreTotp = "true";

     

       37
       +
             oidc-enabled = "true";

     

       38
       +
             oidc-clientSecret = "CLIENT_SECRET";

     

       39
       +
             oidc-clientId = "d83006a6-9b08-47eb-af56-418065db09b5";

     

       40
       +
             oidc-discoveryUri = "https://auth.pyrox.dev/.well-known/openid-configuration";

     

       41
       +
             oidc-signOut = "false";

     

       42
       +
             oidc-scope = "openid email profile groups";

     

       43
       +
             oidc-rolePath = "groups";

     

       44
       +
             oidc-roleAdminAccess = "admins";

     

       45
        
           };

     

       46
       +
           initUser.enabled = false;

     

       47
        
         };

     

       48
        
       in

     

       49
        
       {

     

       50
       +
         virtualisation.oci-containers.containers = {

     

       51
       +
           pingvin-share-server = {

     

       52
       +
             image = "ghcr.io/stonith404/pingvin-share:latest";

     

       53
       +
             ports = [

     

       54
       +
               "${toString d.port}:3000"

     

       55
       +
               "${toString d.be-port}:8080"

     

       56
       +
             ];

     

       57
       +
             volumes = [

     

       58
       +
               "/var/lib/pingvin-share/data:/opt/app/backend/data"

     

       59
       +
               "/var/lib/pingvin-share/data/images:/opt/app/frontend/public/img"

     

       60
       +
               "/var/lib/pingvin-share/config.yaml:/opt/app/config.yaml"

     

       61
       +
             ];

     

       62
       +
             environment = {

     

       63
       +
               API_URL = "https://share.pyrox.dev";

     

       64
       +
               PUID = "962";

     

       65
       +
               PGID = "959";

     

       66
       +
             };

     

       67
       +
           };

     

       68
       +
         };

     

       69
       +
         users.users.pingvin = {

     

       70
       +
           uid = 962;

     

       71
       +
           group = cfg.group;

     

       72
       +
           isSystemUser = true;

     

       73
       +
         };

     

       74
       +
         users.groups.pingvin = {

     

       75
       +
           gid = 959;

     

       76
       +
         };

     

       77
       +
       

     

       78
        
         services = {

     

       79
        
           pingvin-share = {

     

       80
       +
             enable = false;

     

       81
        
             backend.port = d.be-port;

     

       82
        
             frontend.port = d.port;

     

       83
        
             hostname = "share.pyrox.dev";

     

       84
        
             https = true;

     

       85
        
           };

     

       86
       +
           anubis.instances = {

     

       87
        
             pingvin-share-be = {

     

       88
        
               settings = {

     

       89
        
                 BIND = ":${toString d.be-anubis}";

     
···

       101
        
           };

     

       102
        
         };

     

       103
        
         systemd.services.init-pingvin-config = {

     

       104
       +
           enable = true;

     

       105
        
           description = "Pingvin Share configuration setup";

     

       106
        
           wantedBy = [ "multi-user.target" ];

     

       107
        
           before = [

     

       108
       +
             "docker-pingvin-share-server.service"

     

       0
        
       
     

       109
        
           ];

     

       110
        
           path = [ pkgs.gnused ];

     

       111
        
           script = ''

     

       112
        
             rm ${cfg.dataDir}/config.yaml

     

       113
        
             cp ${configFile} ${cfg.dataDir}/config.yaml

     

       114
       +
             sed -i "s/SMTP_PASSWORD/\"$SMTP_PASSWORD\"/" ${cfg.dataDir}/config.yaml

     

       115
       +
             sed -i "s/CLIENT_SECRET/\"$CLIENT_SECRET\"/" ${cfg.dataDir}/config.yaml

     

       116
        
           '';

     

       117
        
           serviceConfig = {

     

       118
        
             EnvironmentFile = config.age.secrets.pingvin-secrets.path;

systems/x86_64-linux/marvin/services/secrets/pingvin-secrets.age

This is a binary file and will not be displayed.

+1 -1

systems/x86_64-linux/prefect/services/mailserver/logins.nix

···

       34
        
             sendOnly = true;

     

       35
        
           };

     

       36
        
           "share@pyrox.dev" = {

     

       37
       -
             hashedPassword = "$2b$05$GTK7WRECM2FKlpqUWhsE1e9QaXX5fQ41id.W/PV2TZnOwNtrKJZHe";

     

       38
        
             sendOnly = true;

     

       39
        
           };

     

       40
        
         };

···

       34
        
             sendOnly = true;

     

       35
        
           };

     

       36
        
           "share@pyrox.dev" = {

     

       37
       +
             hashedPassword = "$2b$05$LDvYYmxYcTgqPMDvvhA.uO8UFh8yLqPzVuOdeYBq0x/WJ/85X3DEC";

     

       38
        
             sendOnly = true;

     

       39
        
           };

     

       40
        
         };