kylekrein/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix

Browse source
This commit is contained in:
Aleksandr Lebedev 2025-12-07 00:43:34 +01:00
parent f9d3344607
commit 2824e9ba44
2 changed files with 26 additions and 21 deletions
Download patch file Download diff file Expand all files Collapse all files

1
systems/x86_64-linux/stargate/default.nix
View file

@ -112,6 +112,7 @@ in {
custom.impermanence = enabled; custom.impermanence = enabled;
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
ente-cli
tmux tmux
icloudpd icloudpd
immich-go immich-go

46
systems/x86_64-linux/stargate/services/ente.nix
View file

@ -13,10 +13,11 @@ in
enable = true; enable = true;
# ente's config must match this region! # ente's config must match this region!
region = "us-east-1"; region = "us-east-1";
listenAddress = ":21939";
# Please use a file, agenix or sops-nix to securely store your root user password! # Please use a file, agenix or sops-nix to securely store your root user password!
# MINIO_ROOT_USER=your_root_user # MINIO_ROOT_USER=your_root_user
# MINIO_ROOT_PASSWORD=a_randomly_generated_long_password # MINIO_ROOT_PASSWORD=a_randomly_generated_long_password
rootCredentialsFile = config.sops.secrets."services/minio".path;; rootCredentialsFile = config.sops.secrets."services/minio".path;
}; };
systemd.services.minio.environment.MINIO_SERVER_URL = "https://s3.kylekrein.com"; systemd.services.minio.environment.MINIO_SERVER_URL = "https://s3.kylekrein.com";
@ -24,8 +25,8 @@ in
services.nginx = { services.nginx = {
virtualHosts."s3.kylekrein.com" = { virtualHosts."s3.kylekrein.com" = {
forceSSL = true; forceSSL = true;
useACME = true; enableACME = true;
locations."/".proxyPass = "http://localhost:9000"; locations."/".proxyPass = "http://localhost:21939";
# determine max file upload size # determine max file upload size
extraConfig = '' extraConfig = ''
client_max_body_size 16G; client_max_body_size 16G;
@ -60,24 +61,27 @@ in
apps.cast = "https://cast.${domain}"; apps.cast = "https://cast.${domain}";
public-albums = "https://albums.${domain}"; public-albums = "https://albums.${domain}";
s3 = { s3 = {
use_path_style_urls = true; use_path_style_urls = true;
b2-eu-cen = { b2-eu-cen = {
endpoint = "https://s3.kylekrein.com"; endpoint = "https://s3.kylekrein.com";
region = "us-east-1"; region = "us-east-1";
bucket = "ente"; bucket = "ente";
key._secret = config.sops.secrets."services/ente/minio/user".path; key._secret = config.sops.secrets."services/ente/minio/user".path;
secret._secret = config.sops.secrets."services/ente/minio/password".path; secret._secret = config.sops.secrets."services/ente/minio/password".path;
}; };
}; };
key = { key = {
# generate with: openssl rand -base64 32 # generate with: openssl rand -base64 32
encryption._secret = config.sops.secrets."services/ente/encryption".path; encryption._secret = config.sops.secrets."services/ente/encryption".path;
# generate with: openssl rand -base64 64 # generate with: openssl rand -base64 64
hash._secret = config.sops.secrets."services/ente/hash".path; hash._secret = config.sops.secrets."services/ente/hash".path;
}; };
# generate with: openssl rand -base64 32 # generate with: openssl rand -base64 32
jwt.secret._secret = config.sops.secrets."services/ente/jwt".path; jwt.secret._secret = config.sops.secrets."services/ente/jwt".path;
}; internal = {
admin = 1580559962386438;
disable-registration = true;
};
}; };
}; };
}; };