tux/tawm
1
0
Fork 0
mirror of https://github.com/tuxdotrs/tawm.git synced 2025-07-05 20:56:33 +05:30
Code Issues Packages Projects Releases Wiki Activity

add wakapi

Browse Source
This commit is contained in:
0xTux
2024-09-29 10:46:45 +05:30
parent eef2a71a66
commit a627ab558f
4 changed files with 62 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
hosts/arcturus/default.nix
View File

@ -17,6 +17,7 @@
../../modules/nixos/monitoring/promtail.nix
../../modules/nixos/ntfy-sh.nix
../../modules/nixos/searx.nix
../../modules/nixos/wakapi.nix
];
sops.secrets = {
@ -43,6 +44,10 @@
plausible_key = {
sopsFile = ./secrets.yaml;
};
wakapi_salt = {
sopsFile = ./secrets.yaml;
};
};
boot = {

5
hosts/arcturus/secrets.yaml
View File

@ -2,6 +2,7 @@ borg_encryption_key: ENC[AES256_GCM,data:7DZQaoS2a5mPjTej25vr1aO1yAAPyXT2tf/VxKr
searx_secret_key: ENC[AES256_GCM,data:Z49PJ2gNI5CI0IfzOta+r67VNUvjoPpMVv5lajGhUMPzSy1KWZC5wIM3d02jWwCOsNjXdU5hE3j9W0rkoy5ZhFPXBJRUEv5b6IcaLA==,iv:364zGZkD2LO189nkvizl8yjedi1IgYEEQMA67SexSSI=,tag:qPqefG6jUaBOpUy6d7E++w==,type:str]
plausible_password: ENC[AES256_GCM,data:B0r2UuFqmz9i5yxbTCg=,iv:u6jZKJ1n15W0xH+UzNfvU1fHy3jDHZjs55nSW+0KoEo=,tag:tN0dunetZUPm/tsYAvDOzg==,type:str]
plausible_key: ENC[AES256_GCM,data:Ynf2aJ6RLRdAkT9ltLpCXTl8zg/VESDchlf67PmKjc93rSfDgq9tFqv1q55Km2lDo7y9iLu5WyLLg24CSSwy8Q==,iv:yW5hgP4dhfkvunv3iYmXGEH9w29OOmrG4ourPagslVg=,tag:C5PVfEseP5gJdoQQL4gERQ==,type:str]
wakapi_salt: ENC[AES256_GCM,data:Vk5Lezv0f/0ehHqXXBCsQxWFYE2KFujTfII0r7Gd1BXFrwiPEdX62aZ+9LQx7s1RTHh0n+LP/5t0cmHO/fJhGw==,iv:ZUlRwNXUCQ53Lymi9fO4qoBWjLpHVWfTnYM0Z1I6F5o=,tag:dadkEKV7paH4+qAz7Bxxqg==,type:str]
cloudflare_credentials:
email: ENC[AES256_GCM,data:qesgxkzUglKdYPI=,iv:2XDEoQzmtagSiILWZzJPswdhkQ+qjdZfNd+LL1nHPx8=,tag:K1F23Za2Zq78tzf0fl5zEw==,type:str]
dns_api_token: ENC[AES256_GCM,data:ibSL4KWYhqgHjo27fiSqB1iN9NWU3/qGGuLpmiMpBf+qCuh8uxR7Yw==,iv:NapMvfUSm5rgeROK7KuxGyog8s2PW9CCKtjRG87FoCQ=,tag:/Oah7PRCe4XPts0IYt83zw==,type:str]
@ -29,8 +30,8 @@ sops:
NGprRGVyZ2plWVNrM3drM3JSUjM2L0UKuNk5DqYn2DIfRpY72zDRP5BKoVAXtNv9
uLI//8wc7f4I3uBdARQdpRE1fapY1UOJOn3i0yndrZARPEbdohRK1Q==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-09-29T03:57:54Z"
mac: ENC[AES256_GCM,data:rQe7AKr5nY2hgIlVndBizG7Qnh4NgWerav/7VfU9n5ZqY8FO2ojPO7HCIRJggsMUXNNcsrj7oxLvsEDH4IwCnOySM5zrouQY20RL4eBBZ8W+fZERRGEZ8sQCey6Jt/w1sIP/eCVQMlL6RDqX7yTy0my0Ufu6pkGNELl4i+kui9c=,iv:bq64/7j23uF/Qm6xTv9xnrjTKyaFjI2HjTSSVfTw8aE=,tag:N6SQk+QSq0zCZZRA5DNouw==,type:str]
lastmodified: "2024-09-29T05:10:28Z"
mac: ENC[AES256_GCM,data:pMOHJ4X52riV5ZRrENjy2pNpClmd33eFQwDZeiAf17nb3T5fHEfUDzOWkJBjNcxW1+ekjvcfREMNz7ny+x+yG52WrOBldvHO5MiQ/SaKXdzDD33uREnlBVXgp19feu2WdhW4cRvEu/vKILSVqGwNZvD1zMIQbRHIqymIXlxVFlg=,iv:BU3x8clOZ4HyWSOT6u+1Cf7zdrc1h9+9MUNurcezNAY=,tag:jt/45ZMiz94ENch7eCvDNA==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.9.0

5
modules/nixos/postgresql.nix
View File

@ -9,6 +9,7 @@
ensureDatabases = [
"plausible"
"wakapi"
];
ensureUsers = [
{
@ -25,6 +26,10 @@
name = "plausible";
ensureDBOwnership = true;
}
{
name = "wakapi";
ensureDBOwnership = true;
}
];
checkConfig = true;

49
modules/nixos/wakapi.nix Normal file
View File

@ -0,0 +1,49 @@
{
lib,
config,
...
}: {
services = {
wakapi = {
enable = true;
passwordSaltFile = config.sops.secrets.wakapi_salt.path;
settings = {
app.avatar_url_template = "https://www.gravatar.com/avatar/{email_hash}.png";
server = {
port = 15999;
public_url = "https://wakapi.tux.rs";
};
db = {
dialect = "postgres";
host = "/run/postgresql";
port = 5432;
name = "wakapi";
user = "wakapi";
};
security = {
allow_signup = false;
disable_frontpage = true;
};
};
};
nginx = {
enable = lib.mkForce true;
virtualHosts = {
"wakapi.tux.rs" = {
forceSSL = true;
useACMEHost = "tux.rs";
locations = {
"/" = {
proxyPass = "http://localhost:15999";
proxyWebsockets = true;
};
};
};
};
};
};
}