Cian-H/My_NixOS_Config
1
0
Fork 0
mirror of https://github.com/Cian-H/My_NixOS_Config.git synced 2025-12-23 07:21:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fixed vikunja deployment

Browse Source
This commit is contained in:
Cian Hughes
2025-01-30 03:31:23 +00:00
parent 4d2382fa3e
commit 957665f283
3 changed files with 71 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
home-manager/homeserver.nix
View File

@@ -20,6 +20,8 @@
defaultSopsFile = ./secrets.yaml; defaultSopsFile = ./secrets.yaml;
secrets = { secrets = {
vikunja_jwtsecret = {}; vikunja_jwtsecret = {};
vikunja_dbpassword = {};
vikunja-db_rootpassword = {};
}; };
}; };
} }

87
home-manager/homeserver/containers/work_tools.nix
View File

@@ -7,36 +7,67 @@
unstablePkgs, unstablePkgs,
... ...
}: { }: {
services.podman.containers = { services.podman = {
vikunja = { networks = {
image = "docker.io/vikunja/vikunja:latest"; vikunja-net = {};
autoUpdate = "registry";
environment = {
VIKUNJA_SERVICE_JWTSECRET = config.sops.secrets.vikunja_jwtsecret.path;
VIKUNJA_SERVICE_PUBLICURL = "http://bulba.space/";
VIKUNJA_DATABASE_PATH = "/db/vikunja.db";
};
volumes = [
"/home/cianh/vikunja/files:/app/vikunja/files"
"/home/cianh/vikunja/db:/db"
];
ports = ["3456:3456"];
}; };
freshrss = { containers = {
image = "docker.io/freshrss/freshrss:latest"; vikunja = {
autoUpdate = "registry"; image = "docker.io/vikunja/vikunja:latest";
environment = { autoUpdate = "registry";
TZ = "Europe/Dublin"; network = "vikunja-net";
CRON_MIN = "1,31"; environment = {
VIKUNJA_SERVICE_JWTSECRET = config.sops.secrets.vikunja_jwtsecret.path;
VIKUNJA_SERVICE_PUBLICURL = "http://192.168.0.254:3456/";
VIKUNJA_DATABASE_PATH = "/db/vikunja.db";
VIKUNJA_DATABASE_TYPE = "mysql";
VIKUNJA_DATABASE_DATABASE = "vikunja";
VIKUNJA_DATABASE_HOST = "vikunja-db";
VIKUNJA_DATABASE_USER = "vikunja";
VIKUNJA_DATABASE_PASSWORD = config.sops.secrets.vikunja_dbpassword.path;
};
volumes = [
"/home/cianh/vikunja/files:/app/vikunja/files"
];
ports = ["3456:3456"];
extraConfig = {
Unit = {
After = "podman-vikunja-db.service";
Requires = "podman-vikunja-db.service";
};
};
};
vikunja-db = {
image = "docker.io/library/mariadb:10";
autoUpdate = "registry";
network = "vikunja-net";
exec = "--character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci";
environment = {
MYSQL_ROOT_PASSWORD = config.sops.secrets.vikunja-db_rootpassword.path;
MYSQL_USER = "vikunja";
MYSQL_PASSWORD = config.sops.secrets.vikunja_dbpassword.path;
MYSQL_DATABASE = "vikunja";
};
volumes = [
"/home/cianh/vikunja/db:/var/lib/mysql"
];
};
freshrss = {
image = "docker.io/freshrss/freshrss:latest";
autoUpdate = "registry";
environment = {
TZ = "Europe/Dublin";
CRON_MIN = "1,31";
};
volumes = [
"/home/cianh/freshrss/data:/var/www/FreshRSS/data"
"/home/cianh/freshrss/extensions:/var/www/FreshRSS/extensions"
];
ports = ["3457:80"];
extraPodmanArgs = [
"--log-opt max-size=10m"
];
}; };
volumes = [
"/home/cianh/freshrss/data:/var/www/FreshRSS/data"
"/home/cianh/freshrss/extensions:/var/www/FreshRSS/extensions"
];
ports = ["3457:80"];
extraPodmanArgs = [
"--log-opt max-size=10m"
];
}; };
}; };
} }

18
home-manager/secrets.yaml
View File

@@ -1,4 +1,6 @@
vikunja_jwtsecret: ENC[AES256_GCM,data:Ri2wYlmWJMS1V1U84msjzg40OEyTNjcm33Bsw46FYLgMUn/n59Smipyh+bjUudDOiNZeTRtciRhKFjB7qGt2Vw==,iv:zTzV3WouxI4lxEMReUnu4EKyC0hBd9ZFHRSb1rLvs38=,tag:8QEfipKFn4yJwl3ImC6lDw==,type:str] vikunja_jwtsecret: ENC[AES256_GCM,data:KPR1aGrXgtWX1jf+CSlKxCpiCo+iqKGQMiqPBL9QgUCVCne+7o8LTRjeZte4w+KxozZeA+f9kcrYMypt16XthQ==,iv:Mb6nFjq6tD+fNyaAGUz9bO9/0kZCE/CysFf2r/+VL9k=,tag:Z4NTEXjWXTiyUuatESPlxQ==,type:str]
vikunja_dbpassword: ENC[AES256_GCM,data:OVcultYfgnJQhQ2oNWwYfRyAyWnS8g84CcXQMCY2jCw=,iv:L4hL9LSKo2JxSTlKkbgPUdVy6Wm7EeyLyfY2khr3lJw=,tag:a5n3/YYuSzMDkum/4i1BXA==,type:str]
vikunja-db_rootpassword: ENC[AES256_GCM,data:UuFtVJFfx1rSJXbRonICS4apmwuQs6Qhub62rI2CXjUduX1HNwN/KL0isqM=,iv:EmGYwuTuAMmguXQZfj9Er42rOHZBmvxuVe/X2WlLb1c=,tag:q+Uyau+FggRNpVn2+OaLqw==,type:str]
sops: sops:
kms: [] kms: []
gcp_kms: [] gcp_kms: []
@@ -8,14 +10,14 @@ sops:
- recipient: age15x4h66uk6ct3436e6r4l0tkpf86e7jzl3lqd2acndq2jjvq5za3stqg2fy - recipient: age15x4h66uk6ct3436e6r4l0tkpf86e7jzl3lqd2acndq2jjvq5za3stqg2fy
enc: | enc: |
-----BEGIN AGE ENCRYPTED FILE----- -----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4TU5UWE5XU0ZtekNHSFVo YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBoK21XZ3EvUG0zbW0vcXdn
U1N6VGhyRlRuTkxiOGR0SU9hUndjN2xLOEVFCktNb3M4MzF2WWJlRG5lWTdJbVhl RXBHbHRkYnVYU2FuTlFVdUhhQTYwZGNFelVFCmEyQ2l1S2lxeVhHc3dCR3h5WVpv
TTcwL2ZLVzB2SXNsWE55VEhOaTg3M0UKLS0tIEZCR2tzZFlqTy9OdUwrRkZwWDFF WkE1ci8vTGtiTFM0MGJvd3hiRGFkNUkKLS0tIGlXU3JxT2t5a2VBTEF5WVgwellk
VjBIa05Gc0xxeDlrTUo2Wlc0R1Z4c0kKIWQlPSxK9nt5YG5cINZqtwh+atzFdXsU UUxtN2xwM2NyU3RKT1RZTkpkT2ZEYTAKaIouMAelGffEMZI5eyycJQpIdGi3jAS0
2dxKy4BMiZqsuF3lGoGpOg0yXyNlE91UJwkymk8tJK9KXrqf4biq7Q== DJ0NrV54goQnUcwGrmn8aHZ6tWpS6nWMI/Ieo2fmATJxB6S5AtSyKg==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2025-01-30T00:51:36Z" lastmodified: "2025-01-30T02:59:50Z"
mac: ENC[AES256_GCM,data:AdbgKxiJR/dWAZ2goNKOcf/gvyrpjeihMaL73w36+reQvn95O0Uwyou9f0Wujf5AZan5J0YKfLrr/850bL9K0f8JnNUcxLg2wAjxVi0NgZqqEWJAPLuxMly2WXJYWKCFRZNyRcwzvVPVp/R95EF0eHqchlCnYYO+B0fDJaqwVLE=,iv:wHMqe7QVD/NEeeX9AapVcwhkmei0tOOIjP3UVB1ZGtM=,tag:9iBIma3IrDQu7syDD4H1GA==,type:str] mac: ENC[AES256_GCM,data:SgkPz7H0wTqxHVUN/udFMXShFYdcdpJJWNDBBJKh+/i4j03E/mMd04cKmV9KDJufbkWFWCluit0y6tfnhg83CZp/cgviJf5VMur28UfsmyvVGJqFO51KdtYoH1IB5hZdt2sID/CJ0rCfDZ5qHkzn7tzFpIn38OllMNITM1WM9GM=,iv:OzRDmRm6p5LcwRrW5d0OA0mVRSH09RUjVK20Q+hPOSw=,tag:KW96+/9kqGH48HbHp5FeOA==,type:str]
pgp: [] pgp: []
unencrypted_suffix: _unencrypted unencrypted_suffix: _unencrypted
version: 3.9.2 version: 3.9.2