From 3d645daa1ae7e0cd4eca2d93c84c39a6d0efad83 Mon Sep 17 00:00:00 2001 From: Kopatz <7265381+Kropatz@users.noreply.github.com> Date: Sat, 4 May 2024 15:11:53 +0200 Subject: [PATCH] test fileshelter --- modules/collections/desktop.nix | 4 +++- modules/collections/server.nix | 4 +++- modules/misc/default.nix | 1 + modules/{ => misc}/docker.nix | 9 +++++++++ modules/services/default.nix | 1 + modules/services/fileshelter.nix | 29 +++++++++++++++++++++++++++++ secrets/fileshelter-conf.age | Bin 0 -> 2769 bytes secrets/secrets.nix | 1 + systems/mini-pc/configuration.nix | 4 ++++ 9 files changed, 51 insertions(+), 2 deletions(-) rename modules/{ => misc}/docker.nix (64%) create mode 100644 modules/services/fileshelter.nix create mode 100644 secrets/fileshelter-conf.age diff --git a/modules/collections/desktop.nix b/modules/collections/desktop.nix index 7f6bcf1..bbf02dd 100644 --- a/modules/collections/desktop.nix +++ b/modules/collections/desktop.nix @@ -1,7 +1,6 @@ {pkgs, config, ...}: { imports = [ - ../docker.nix #../fh/scanning.nix ../flatpak.nix ../gpg.nix @@ -27,6 +26,9 @@ ip = "192.168.0.11"; dns = "192.168.0.6"; }; + misc = { + docker.enable = true; + }; hardware = { vfio.enable = true; nvidia.enable = true; diff --git a/modules/collections/server.nix b/modules/collections/server.nix index 89b460e..668ce10 100644 --- a/modules/collections/server.nix +++ b/modules/collections/server.nix @@ -18,7 +18,6 @@ #../games/palworld.nix ../backup.nix ../cron.nix - ../docker.nix ../fail2ban.nix ../firewall.nix ../git.nix @@ -47,6 +46,9 @@ dir = "/mnt/1tbssd/kavita"; }; }; + misc = { + docker.enable = true; + }; hardware = { firmware.enable = true; ssd.enable = true; diff --git a/modules/misc/default.nix b/modules/misc/default.nix index 90c9d33..8ee2fce 100644 --- a/modules/misc/default.nix +++ b/modules/misc/default.nix @@ -7,5 +7,6 @@ ./cli-tools.nix ./tmpfs.nix ./static-ip.nix + ./docker.nix ]; } diff --git a/modules/docker.nix b/modules/misc/docker.nix similarity index 64% rename from modules/docker.nix rename to modules/misc/docker.nix index 7274598..2f0ac8d 100644 --- a/modules/docker.nix +++ b/modules/misc/docker.nix @@ -1,9 +1,18 @@ { config, pkgs, lib, inputs, ... }: +with lib; +let + cfg = config.custom.misc.docker; +in { + options.custom.misc.docker = { + enable = mkEnableOption "Enables docker"; + }; + config = lib.mkIf cfg.enable { virtualisation.docker.enable = true; virtualisation.docker.daemon.settings = { ip = "127.0.0.1"; }; environment.systemPackages = with pkgs; [ docker-compose ]; virtualisation.docker.enableNvidia = lib.mkIf config.custom.hardware.nvidia.enable true; + }; } diff --git a/modules/services/default.nix b/modules/services/default.nix index 3dae35a..93ca854 100644 --- a/modules/services/default.nix +++ b/modules/services/default.nix @@ -5,5 +5,6 @@ ./kubernetes.nix ./kavita.nix ./nginx.nix + ./fileshelter.nix ]; } diff --git a/modules/services/fileshelter.nix b/modules/services/fileshelter.nix new file mode 100644 index 0000000..bbabdf0 --- /dev/null +++ b/modules/services/fileshelter.nix @@ -0,0 +1,29 @@ +{ config, pkgs, lib, inputs, ... }: +with lib; +let + cfg = config.custom.services.fileshelter; +in +{ + options.custom.services.fileshelter = { + enable = mkEnableOption "Enables fileshelter"; + }; + config = lib.mkIf cfg.enable { + age.secrets.fileshelter-conf = { + file = ../../secrets/fileshelter-conf.age; + }; + custom.misc.docker.enable = true; + virtualisation.oci-containers.containers = { + "fileshelter" = { + autoStart = true; + image = "epoupon/fileshelter"; + ports = [ + "127.0.0.1:5091:5091" + ]; + volumes = [ + "/data/fileshelter:/var/fileshelter" + "/run/agenix/fileshelter.conf:/etc/fileshelter.conf" + ]; + }; + }; + }; +} diff --git a/secrets/fileshelter-conf.age b/secrets/fileshelter-conf.age new file mode 100644 index 0000000000000000000000000000000000000000..b2076864645bc2b76b8c50a8d42393be92009df9 GIT binary patch literal 2769 zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCSHE;VqiELSM^^bGXO ziik|i$~AFG_KNZ>k0`7(tI{q@3#-aY$tiRUtH^LIat^36cI7HGay9nUFY`&&cQ^5O zEH5uetJ01z@heJ64G3^gbapEUH1zi_iuCbH3PrcgGtAf}J5a&TF(k^}JJmcmS35J( z+&A03(ly1*A}}Q**(WW#AScVf&%-ad)F?H~&4Mc>zbMMDvNR+=xFoMQ*xB91Fwiow zz%4mgKQO7v#M?MMJv1l6vLG+R&=K7>7w4)>Lq`R}R4;Q=FZZA_Cl7No6C?MCyyT$7 z5U;E>^OCUga#t7g(7eouY>$9KgGerY?Mheu;2>9zykZx>{F0Qk@^Dkf3}dgX;+(<^ z{ft6=3zO_beRG2x-#{*1U0sEo$WUizCr`H!NB7E#T+e_IFB8+;^iXdfe}nSSq+AP+ zQ1|?dM0ai9sAMj`7jHImJ&-ppD)}h-aQm_VhUu|I$rgVuEtr!1*!{Pn<)X)Bo2)vO zS{PiXsN7+`bbRK4tgi*iUETLN+C9wJ7K)Xm#+a1tdCuLfcX^kF$=|A9%!UWqpIz8L zF)r5nrx`DAv|QlK^ukY@!q$0B>-9QY_wk&W(Bj^k3Cg`os+VS7W!dp;hU$tewg-pj z*XB;y{#@i?1nX84$2SXSzxo)oOYAmVLvgA2z9;$Ye-@cs)ml(0_O!lomF>}g+wcF5 zescc%Ctxf_J&!zS{dYi1-F0yp-|n`uuJrKV8QP7TyI`1)$Tph zcd|}lnuWK@(i-zGk+ZHUTHh&IvX-xAlN!^!J*-LIA{nYeUz{ED^GzEbyfof0GrisY zLqOrt>H`~R%4TcL@K?WClzjL^<1zIGG14n8##c?vD$y@=s@4C|&X&4IXQG7r$<@vL zk9c+E3w~FAPcC>jkxBY-Ex&ch_X#FjpUJN;khc#i)a&t_s2;C*S=Tk=Uh3cQxaYFR zPn@4NdGEvtwX+oXcGOI*adorrZ)lsBV=yI`=iKDTWlQBW&fG|v?_R94H28|$))$d+B-IV1#C-j~u3%6VHj0X>!3b=VKCZ3Wg zYP4z8n!kPewY{?fCVg5`@bU0VyZqc8`(3#=x&OGww5xApT2IRQh!6H+p7(7k)IWvJ zSMN|bdg~Fx|9xM+R1^hUZMNV)#Q$fS#^>eBBv|~8YplyWwpL5P(@m}6^u?1Wc{QRZ zNr&D0mf0CAaN>;PANSiA--ynM{~(sgcK4HbSIE7zWJS$SBK&!^aiQH|%+J=S_fOmZ zA^XAh<#YB3@iMjtKgs)4&-!|q-$UcHqqAKYt_rD@Hf?z~wMKU1pUo3Irp}0cymzgl zQle1D+MBbdNd9V5XZ|v6p{HL@-HOllOJZzopX{CAG@4I_n|9mL=YVw7xjXxz+_P+H>&J9C?Xy#Oy=4|Et?fPT(?3yeyTkuwei_9=PxKZ2JJ%hE zk&Js~yua%6f}c%m7Ut&uN&36--wV%lHNj{Pm8#z5&6kAUuu>WdbZp4kWawu$){hQJaK!z1(*EFRO{~DwYwWsauUVA z8{73ijTf7{S%1<5g@pl^YtP0qhsgCLt#rD@vCHM8jqzH>8xC*JdrHij7`XO0|HP^p zuAPi?v~M$7DoU$~Dybi4l;3Kc_iXAU+1K;7zuPKte?0>cCs%wn8em$~KzrSeJH)EYm*D6glQ&p}NMAba% zi}G6e^v!UqfOpdZ`YyMu-3lg8d`>@S7)AtX1We#R)C>?d&=FYq0f?~z%g79q# zo@*2-f9Kp^;VrW|kL_9@qR6bge75BGJ^qs`BKW>1|Csk# zqNnbs%dYO1PNoxNUVK~_@np4ns_P~N`&(ualV81X_$DtYJM~(yOI%WzruBL2*AflU z-lnF7vb+Dzf7rlzz@cg3mDind_1%4Xo2NZW^@!kVzsbHW!(?rEyiNhj*26svb+;ai z-a8!pevQ2LJF~SO7vq0>-Lrfi%Dra)-_o2oZ>jwq+Dg^;6oR}y?p<-2|90^U7l+34 zi$DKY>3;I%@R5KG3EA+E{@^=TX;rsDd*yO3DZ&4ysQIUA^rD8SzmrJIr ziLOyIIpMTVo6C5WxYVZ4-Lm^Qzt|WTbX;S6;H37qbn>T_j=PVXUu)s}VM6~MjpRe` zT3?)YJeCo)^x93Cw~R_b%5OfMZ;)H|L+i->%Dq>lE}l4@`#U3h*StT=7?f}P{by&u zAhDaZ=)&|(hds1?l@4U-K58i_GPcy89_;jMdVNmz7BVtn&G*JUXL%Hk66Yn zqsk^bp+)$-nykz0!%xMg8rb@U&wJ=SIcPD@pZ+)x?sJvN$2Py6xb1wU=)LGoc^W!5 z_k9ZfY4{>?dmzWJHU@1&?R)KN*SuZ5>|A-vb}c$_rRKHb=TGw_>K^D{?!Lcm?#WXO zkFwuS)e_5kc%?C4_lt+ybMe!gI`>&Uuv;Tc` z^?4Pq75?Q_56XTDReuN+N{eFtT&MeL+NHNV?+)(xdUmH|RDRF2zuW(97V9kAwQ|QH zw>6nN`xZo%X3v@SRrzD?g01BTmg}(D23`{o_{4wi{t2fYVUZI8(-w&BoO%6cw#X|T zL0{9q6IwPIJ-cIZLbUqv`_i)!zmM-|Gh9~vG4`*9=FXf($tPXmqVp0hjdy!)`TnNJ z`LZd}!-7k<-eR`3&pkAI+_qG5Hj0XV%1hzYRYL&)p&V@Xw2d Wj$%u-I<^X5c5n=y_xIt~XT1R45iIHe literal 0 HcmV?d00001 diff --git a/secrets/secrets.nix b/secrets/secrets.nix index c28a354..55b6e50 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -23,4 +23,5 @@ in "step-ca-pw.age".publicKeys = [ mini-pc server kop ]; "step-ca-key.age".publicKeys = [ mini-pc server kop ]; "grafana-contact-points.age".publicKeys = [ mini-pc server kop ]; + "fileshelter-conf.age".publicKeys = [ mini-pc server kop ]; } diff --git a/systems/mini-pc/configuration.nix b/systems/mini-pc/configuration.nix index c3e465e..4c93461 100644 --- a/systems/mini-pc/configuration.nix +++ b/systems/mini-pc/configuration.nix @@ -32,6 +32,7 @@ services = { acme.enable = true; nginx.enable = true; + fileshelter.enable = true; kavita = { enable = true; dir = "/data/kavita"; @@ -39,6 +40,9 @@ }; nftables.enable = true; cli-tools.enable = true; + misc = { + docker.enable = true; + }; nix = { index.enable = true; ld.enable = true;