teml
This commit is contained in:
mjallen18
@@ -5,27 +5,15 @@
|
||||
...
|
||||
}:
|
||||
let
|
||||
inherit (lib.${namespace}) mkOpt mkReverseProxyOpt;
|
||||
cfg = config.${namespace}.services.collabora;
|
||||
|
||||
name = "collabora";
|
||||
cfg = config.${namespace}.services.${name};
|
||||
jwtSecretFile = config.sops.secrets."jallen-nas/onlyoffice-key".path;
|
||||
in
|
||||
{
|
||||
options.${namespace}.services.collabora = with lib; {
|
||||
enable = lib.mkEnableOption "";
|
||||
|
||||
port = mkOpt types.int 9980 "Port for opencloud to be hosted on";
|
||||
|
||||
configPath = mkOpt types.str "/media/nas/main/nix-app-data/collabora" "Path to the data dir";
|
||||
|
||||
puid = mkOpt types.str "911" "puid";
|
||||
|
||||
pgid = mkOpt types.str "1000" "pgid";
|
||||
|
||||
timeZone = mkOpt types.str "America/Chicago" "container tz";
|
||||
};
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
collaboraConfig = lib.${namespace}.mkModule {
|
||||
inherit config name;
|
||||
description = "collabora code server";
|
||||
options = { };
|
||||
moduleConfig = {
|
||||
services.collabora-online = {
|
||||
enable = true;
|
||||
port = cfg.port;
|
||||
@@ -38,7 +26,7 @@ in
|
||||
|
||||
# Listen on loopback interface only, and accept requests from ::1
|
||||
net = {
|
||||
listen = "0.0.0.0";
|
||||
listen = cfg.listenAddress;
|
||||
post_allow.host = [
|
||||
"cloud.mjallen.dev"
|
||||
"office.mjallen.dev"
|
||||
@@ -59,4 +47,8 @@ in
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
in
|
||||
{
|
||||
imports = [ collaboraConfig ];
|
||||
}
|
||||
|
||||
@@ -5,16 +5,21 @@
|
||||
...
|
||||
}:
|
||||
let
|
||||
cfg = config.${namespace}.services.crowdsec;
|
||||
in
|
||||
{
|
||||
imports = [ ./options.nix ];
|
||||
config = lib.mkIf cfg.enable {
|
||||
inherit (lib.${namespace}) mkOpt;
|
||||
name = "crowdsec";
|
||||
cfg = config.${namespace}.services.${name};
|
||||
|
||||
crowdsecConfig = lib.${namespace}.mkModule {
|
||||
inherit config name;
|
||||
description = "crowdsec";
|
||||
options = with lib; {
|
||||
apiKey = mkOpt types.str "" "API key for crowdsec bouncer";
|
||||
};
|
||||
moduleConfig = {
|
||||
services = {
|
||||
crowdsec = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
openFirewall = cfg.openFirewall;
|
||||
hub = {
|
||||
appSecConfigs = [
|
||||
"crowdsecurity/appsec-default"
|
||||
@@ -105,7 +110,7 @@ in
|
||||
general.api = {
|
||||
server = {
|
||||
enable = true;
|
||||
listen_uri = "${cfg.apiAddress}:${toString cfg.port}";
|
||||
listen_uri = "${cfg.listenAddress}:${toString cfg.port}";
|
||||
};
|
||||
client = {
|
||||
credentials_path = lib.mkForce "/media/nas/main/nix-app-data/crowdsec/client.yaml";
|
||||
@@ -116,4 +121,8 @@ in
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
in
|
||||
{
|
||||
imports = [ crowdsecConfig ];
|
||||
}
|
||||
|
||||
@@ -3,4 +3,10 @@ final: _prev: {
|
||||
redis = final.valkey;
|
||||
uv = final.stable.uv;
|
||||
onnxruntime = final.stable.onnxruntime;
|
||||
firefox = final.stable.firefox;
|
||||
orca-slicer = final.stable.orca-slicer;
|
||||
kde-connect = final.stable.kde-connect;
|
||||
kdeconnect-kde = final.stable.kdeconnect-kde;
|
||||
webkit-gtk = final.stable.webkit-gtk;
|
||||
qtwebengine = final.stable.qtwebengine;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user