tigor/NixOS
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

kavita: moved to native

Browse source
This commit is contained in:
Tigor Hutasuhut 2024-06-14 12:21:05 +07:00
parent 69fa74b1d5
commit dab8841e4d
6 changed files with 59 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
options/podman.nix
View file

@ -2,10 +2,7 @@
{ {
options.profile.podman = { options.profile.podman = {
enable = lib.mkEnableOption "podman"; enable = lib.mkEnableOption "podman";
caddy.enable = lib.mkOption { caddy.enable = lib.mkEnableOption "caddy podman";
type = lib.types.bool; kavita.enable = lib.mkEnableOption "kavita podman";
default = true;
};
kavita.enable = lib.mkEnableOption "kavita docker";
}; };
} }

2
options/services.nix
View file

@ -1,6 +1,6 @@
{ lib, ... }: { lib, ... }:
let let
inherit (lib) mkEnableOption mkOption types; inherit (lib) mkEnableOption;
in in
{ {
options.profile.services = { options.profile.services = {

2
profiles/homeserver.nix
View file

@ -23,8 +23,6 @@
networking.firewall.allowedTCPPorts = [ 80 443 ]; networking.firewall.allowedTCPPorts = [ 80 443 ];
podman = { podman = {
enable = true; enable = true;
caddy.enable = false;
kavita.enable = true;
}; };
services = { services = {

24
secrets/kavita.yaml Normal file
View file

@ -0,0 +1,24 @@
kavita:
token: ENC[AES256_GCM,data:58jQJq5H/QA/yFlfZgHWrSgE3X+c1F96s+8jIGxzWRb91m4KJ8lGy6NHyZpev5l4XhV3ghhM2/0Gs7HNZn8jn5hdrMsvk0a1iG8Rw9PaF+bnERPOFDO9zQ==,iv:uwPYTIRFvCfMxYmHZOMRKkqi3J0MNiedvbVkqlh+hUs=,tag:cG/IwPO1qjQA/NgsRQhIFQ==,type:str]
api_key: ENC[AES256_GCM,data:SDfzZNTj5GJC6uzz7DP/k8s4Yzr8p/8pIBqvECndF4pxg0nD,iv:j1fw5Nm05PcbI8+wViQ4t/rd+BgflVnUNzbzVzmTmsY=,tag:TA6dvBw+fZpMhNeG9klRdg==,type:str]
opds_url: ENC[AES256_GCM,data:qgtncw2H/mrCKrdGJdjA2AtQp2lUZGFmT21u1RdMRjAyxxzEfC1kCwQHbhaIlxvKn1M/CqXpa/gXrZAM+TptCAoyN2Kn28DmbA==,iv:o5XJl35EZumAcPiK9NmnPV65YSu8Y4fgIgHmXzoGdqA=,tag:ZQvnWdfAofAfA8EWr7jA0g==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1kruum2varzua7w5n6n52vhwyek2arc685rhcwt0u7k2jf5mecsjslkl9ll
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSa0c1VlR4V1RUWE1vNUg2
bXpuNStTRWozRGhaTGZtcGtMWDBUbm1OREZZClJDQm1uRytFRFNyenY1RUloVXNv
Q0F6bFNjMFZZUFUxT1JQTHJnd0Z1QUUKLS0tIEpOaUw4OEdRVUhvYmNoYTRaL2Zy
SjFCNUtDbWticUs3d05PS3NuVW00TFkKlqV1V+/Eb5gMj/5NMprAElkBWrO/8tkl
/exWXMOie/WCKiwryoyLe6yms+aOl6x5csbyJtpO2piRs7Xp1sso7g==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-06-14T04:52:39Z"
mac: ENC[AES256_GCM,data:WJrCCdEEaxm/b7KurXl3KUjgnT7sLKkqeu8MhYhKTOajcqTYeLcHZDNu0XZpuB1xJowP8aS9v8aTFkJIexvT44Fqf23qzzYSjSqTyR+0yjGXwJxImB3/noHtYiDMXd/TGhdyLhzPnicoOFy8qsNGy2wvFGhEKxwGT0dQf2Wuvr0=,iv:KVhNsFHkW1cLEeMjxEpyhguFp8LMhw0yF6qkPqh8238=,tag:oMXDVoIGUIRPJEfKpY+7vA==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.8.1

1
system/services/default.nix
View file

@ -7,5 +7,6 @@
./samba.nix ./samba.nix
./nextcloud.nix ./nextcloud.nix
./syncthing.nix ./syncthing.nix
./kavita.nix
]; ];
} }

31
system/services/kavita.nix Normal file
View file

@ -0,0 +1,31 @@
{ config, lib, ... }:
let
cfg = config.profile.services.kavita;
user = config.profile.user;
inherit (lib) mkIf;
in
{
config = mkIf cfg.enable {
fileSystems."/nas/kavita" = {
device = "/var/lib/kavita";
fsType = "none";
options = [ "bind" ];
};
users.groups.kavita.members = [ user.name ];
users.groups.${user.name}.members = [ "kavita" ]; # Allow kavita to read users's files copied to /var/lib/kavita via NAS
sops.secrets."kavita/token" = {
owner = "kavita";
sopsFile = ../../secrets/kavita.yaml;
};
services.caddy.virtualHosts."kavita.tigor.web.id".extraConfig = ''
reverse_proxy 0.0.0.0:${toString config.services.kavita.settings.Port}
'';
services.kavita = {
enable = true;
tokenKeyFile = config.sops.secrets."kavita/token".path;
settings = {
Port = 40001;
};
};
};
}