fix

2025-12-07 00:43:34 +01:00 · 2025-12-07 00:43:34 +01:00 · 2824e9ba44
commit 2824e9ba44
parent f9d3344607
2 changed files with 26 additions and 21 deletions
--- a/systems/x86_64-linux/stargate/default.nix
+++ b/systems/x86_64-linux/stargate/default.nix
@ -112,6 +112,7 @@ in {
  custom.impermanence = enabled;

  environment.systemPackages = with pkgs; [
+    ente-cli
    tmux
    icloudpd
    immich-go
--- a/systems/x86_64-linux/stargate/services/ente.nix
+++ b/systems/x86_64-linux/stargate/services/ente.nix
@ -13,10 +13,11 @@ in
        enable = true;
    	# ente's config must match this region!
    	region = "us-east-1";
+	listenAddress = ":21939";
    # Please use a file, agenix or sops-nix to securely store your root user password!
    # MINIO_ROOT_USER=your_root_user
    # MINIO_ROOT_PASSWORD=a_randomly_generated_long_password
-    rootCredentialsFile = config.sops.secrets."services/minio".path;;
+    rootCredentialsFile = config.sops.secrets."services/minio".path;
  };

  systemd.services.minio.environment.MINIO_SERVER_URL = "https://s3.kylekrein.com";
@ -24,8 +25,8 @@ in
  services.nginx = {
    virtualHosts."s3.kylekrein.com" = {
      forceSSL = true;
-      useACME = true;
-      locations."/".proxyPass = "http://localhost:9000";
+      enableACME = true;
+      locations."/".proxyPass = "http://localhost:21939";
      # determine max file upload size
      extraConfig = ''
        client_max_body_size 16G;
@ -60,24 +61,27 @@ in
 		apps.cast = "https://cast.${domain}";
 		public-albums = "https://albums.${domain}";
 		s3 = {
-          use_path_style_urls = true;
-          b2-eu-cen = {
-            endpoint = "https://s3.kylekrein.com";
-            region = "us-east-1";
-            bucket = "ente";
-            key._secret = config.sops.secrets."services/ente/minio/user".path;
-            secret._secret = config.sops.secrets."services/ente/minio/password".path;
-          };
-        };
-        key = {
-          # generate with: openssl rand -base64 32
-          encryption._secret = config.sops.secrets."services/ente/encryption".path;
-          # generate with: openssl rand -base64 64
-          hash._secret = config.sops.secrets."services/ente/hash".path;
-        };
-        # generate with: openssl rand -base64 32
-        jwt.secret._secret = config.sops.secrets."services/ente/jwt".path;
-      };
+                    use_path_style_urls = true;
+          	    b2-eu-cen = {
+            	        endpoint = "https://s3.kylekrein.com";
+            		region = "us-east-1";
+            		bucket = "ente";
+            		key._secret = config.sops.secrets."services/ente/minio/user".path;
+            		secret._secret = config.sops.secrets."services/ente/minio/password".path;
+          	    };
+        	};
+        	key = {
+          	    # generate with: openssl rand -base64 32
+          	    encryption._secret = config.sops.secrets."services/ente/encryption".path;
+          	    # generate with: openssl rand -base64 64
+          	    hash._secret = config.sops.secrets."services/ente/hash".path;
+        	};
+        	# generate with: openssl rand -base64 32
+        	jwt.secret._secret = config.sops.secrets."services/ente/jwt".path;
+		internal = {
+		    admin = 1580559962386438;
+		    disable-registration = true;
+		};
 	    };
 	};
    };