kylekrein/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fixed some issues after 25.11 update (stargate)

Browse source
This commit is contained in:
Aleksandr Lebedev 2026-01-10 21:55:58 +01:00
parent a532aa5b44
commit 88223c0172
9 changed files with 76 additions and 76 deletions
Download patch file Download diff file Expand all files Collapse all files

116
systems/x86_64-linux/stargate/services/ente.nix
View file

@ -3,18 +3,16 @@
lib,
config,
...
}:
let
domain = "ente.kylekrein.com";
in
{
sops.secrets."services/minio" = {owner = "minio";};
services.minio = {
enable = true;
# ente's config must match this region!
region = "us-east-1";
listenAddress = ":21939";
consoleAddress = ":21940";
}: let
domain = "ente.kylekrein.com";
in {
sops.secrets."services/minio" = {owner = "minio";};
services.minio = {
enable = true;
# ente's config must match this region!
region = "us-east-1";
listenAddress = ":21939";
consoleAddress = ":21940";
# Please use a file, agenix or sops-nix to securely store your root user password!
# MINIO_ROOT_USER=your_root_user
# MINIO_ROOT_PASSWORD=a_randomly_generated_long_password
@ -24,7 +22,7 @@ in
systemd.services.minio.environment.MINIO_SERVER_URL = "https://s3.kylekrein.com";
services.nginx = {
virtualHosts."web.s3.kylekrein.com" = {
virtualHosts."web.s3.kylekrein.com" = {
forceSSL = true;
enableACME = true;
locations."/".proxyPass = "http://localhost:21940";
@ -46,50 +44,50 @@ in
sops.secrets."services/ente/encryption" = {owner = "ente";};
sops.secrets."services/ente/hash" = {owner = "ente";};
sops.secrets."services/ente/jwt" = {owner = "ente";};
services.ente = {
web = {
enable = true;
domains = {
photos = "photos.${domain}";
albums = "albums.${domain}";
cast = "cast.${domain}";
api = "api.${domain}";
accounts = "accounts.${domain}";
};
};
api = {
enable = true;
domain = "api.${domain}";
enableLocalDB = true;
nginx.enable = true;
settings = {
apps.accounts = "https://accounts.${domain}";
apps.cast = "https://cast.${domain}";
public-albums = "https://albums.${domain}";
s3 = {
b2-eu-cen = {
are_local_buckets = false;
use_path_style_urls = true;
endpoint = "https://s3.kylekrein.com";
region = "us-east-1";
bucket = "ente";
key._secret = config.sops.secrets."services/ente/minio/user".path;
secret._secret = config.sops.secrets."services/ente/minio/password".path;
};
};
key = {
# generate with: openssl rand -base64 32
encryption._secret = config.sops.secrets."services/ente/encryption".path;
# generate with: openssl rand -base64 64
hash._secret = config.sops.secrets."services/ente/hash".path;
};
# generate with: openssl rand -base64 32
jwt.secret._secret = config.sops.secrets."services/ente/jwt".path;
internal = {
admin = 1580559962386438;
disable-registration = true;
};
};
};
services.ente = {
web = {
enable = true;
domains = {
photos = "photos.${domain}";
albums = "albums.${domain}";
cast = "cast.${domain}";
api = "api.${domain}";
accounts = "accounts.${domain}";
};
};
}
api = {
enable = true;
domain = "api.${domain}";
enableLocalDB = true;
nginx.enable = true;
settings = {
apps.accounts = "https://accounts.${domain}";
apps.cast = "https://cast.${domain}";
public-albums = "https://albums.${domain}";
s3 = {
b2-eu-cen = {
are_local_buckets = false;
use_path_style_urls = true;
endpoint = "https://s3.kylekrein.com";
region = "us-east-1";
bucket = "ente";
key._secret = config.sops.secrets."services/ente/minio/user".path;
secret._secret = config.sops.secrets."services/ente/minio/password".path;
};
};
key = {
# generate with: openssl rand -base64 32
encryption._secret = config.sops.secrets."services/ente/encryption".path;
# generate with: openssl rand -base64 64
hash._secret = config.sops.secrets."services/ente/hash".path;
};
# generate with: openssl rand -base64 32
jwt.secret._secret = config.sops.secrets."services/ente/jwt".path;
internal = {
admin = 1580559962386438;
disable-registration = true;
};
};
};
};
}