feat: init immich on winters

2025-12-06 09:07:21 +01:00 · 2024-10-04 17:03:09 +02:00 · 2024-10-04 17:03:09 +02:00 · 9fd7c447d5
commit 9fd7c447d5
parent d95c500065
9 changed files with 103 additions and 38 deletions
--- a/profiles/server/common/default.nix
+++ b/profiles/server/common/default.nix
@ -20,6 +20,7 @@
    ./mpd.nix
    ./matrix.nix
    ./nextcloud.nix
+    ./immich.nix
  ];

  nix =
--- a/profiles/server/common/immich.nix
+++ b/profiles/server/common/immich.nix
@ -0,0 +1,39 @@
+{ pkgs, lib, config, ... }:
+{
+  config = lib.mkIf config.swarselsystems.server.immich {
+
+    users.users.immich = {
+      extraGroups = [ "users" ];
+    };
+
+    # sops.secrets.nextcloudadminpass = { owner = "nextcloud"; };
+
+    services.immich = {
+      enable = true;
+      port = 3001
+        openFirewall = true;
+      mediaLocation = "/Vault/Eternor/Bilder";
+      home = "/Vault/apps/nextcloud";
+    };
+
+
+    services.nginx = {
+      virtualHosts = {
+        "shots.swarsel.win" = {
+          enableACME = true;
+          forceSSL = true;
+          acmeRoot = null;
+          locations = {
+            "/" = {
+              proxyPass = "http://192.168.1.2:3001";
+              extraConfig = ''
+                client_max_body_size    0;
+              '';
+            };
+          };
+        };
+      };
+    };
+  };
+
+}
--- a/profiles/server/common/matrix.nix
+++ b/profiles/server/common/matrix.nix
@ -229,7 +229,7 @@ in
          };
          caption_in_message = true;
          permissions = {
-            "*" = "relaybot";
+            "*" = "relay";
            "@swarsel:${matrixDomain}" = "admin";
          };
        };
--- a/profiles/server/common/nextcloud.nix
+++ b/profiles/server/common/nextcloud.nix
@ -6,14 +6,15 @@

    services.nextcloud = {
      enable = true;
+      packages = pkgs.nextcloud30;
      hostName = "stash.swarsel.win";
      home = "/Vault/apps/nextcloud";
      datadir = "/Vault/data/nextcloud";
-      https: true;
+      https = true;
      configureRedis = true;
      maxUploadSize = "4G";
      extraApps = {
-        inherit (pkgs.nextcloud30Packages.apps) mail calendar contact cospend phonetrack polls tasks;
+        inherit (pkgs.nextcloud30Packages.apps) mail calendar contacts cospend phonetrack polls tasks;
      };
      config = {
        adminuser = "admin";
@ -28,23 +29,8 @@
          enableACME = true;
          forceSSL = true;
          acmeRoot = null;
-          locations = {
-            "/" = {
-              proxyPass = "https://192.168.1.5";
-              extraConfig = ''
-                client_max_body_size 0;
-              '';
-            };
-            # "/push/" = {
-            # proxyPass = "http://192.168.2.5:7867";
-            # };
-            "/.well-known/carddav" = {
-              return = "301 $scheme://$host/remote.php/dav";
-            };
-            "/.well-known/caldav" = {
-              return = "301 $scheme://$host/remote.php/dav";
-            };
-          };
+          # config is automatically added by nixos nextcloud config.
+          # hence, only provide certificate
        };
      };
    };
--- a/profiles/server/common/nfs.nix
+++ b/profiles/server/common/nfs.nix
@ -20,7 +20,7 @@

      enable = true;
      openFirewall = true;
-      shares.Eternor = {
+      settingssys.Eternor = {
        browseable = "yes";
        "read only" = "no";
        "guest ok" = "no";