swarsel/.dotfiles
1
0
Fork 0
mirror of https://github.com/Swarsel/.dotfiles.git synced 2025-12-06 09:07:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: init immich on winters

Browse source
This commit is contained in:
Swarsel 2024-10-04 17:03:09 +02:00
parent d95c500065
commit 9fd7c447d5
Signed by: swarsel
GPG key ID: 26A54C31F2A4FD84
9 changed files with 103 additions and 38 deletions
Download patch file Download diff file Expand all files Collapse all files

65
SwarselSystems.org
View file

@ -2058,6 +2058,8 @@ My work machine. Built for more security, this is the gold standard of my config
mpd = false; mpd = false;
matrix = true; matrix = true;
nextcloud = true; nextcloud = true;
immich = true;
paperless = true;
}; };
}; };
@ -4742,7 +4744,9 @@ I usually use =mutableUsers = false= in my NixOS configuration. However, on a ne
options.swarselsystems.server.spotifyd = lib.mkEnableOption "enable spotifyd on server"; options.swarselsystems.server.spotifyd = lib.mkEnableOption "enable spotifyd on server";
options.swarselsystems.server.mpd = lib.mkEnableOption "enable mpd on server"; options.swarselsystems.server.mpd = lib.mkEnableOption "enable mpd on server";
options.swarselsystems.server.matrix = lib.mkEnableOption "enable matrix on server"; options.swarselsystems.server.matrix = lib.mkEnableOption "enable matrix on server";
options.swarselsystems.server.nextcloud = lib.mkEnableOption "enable nextcloid on server"; options.swarselsystems.server.nextcloud = lib.mkEnableOption "enable nextcloud on server";
options.swarselsystems.server.immich = lib.mkEnableOption "enable immich on server";
options.swarselsystems.server.paperless = lib.mkEnableOption "enable paperless on server";
} }
#+end_src #+end_src
@ -6634,6 +6638,7 @@ Also, the system state version is set here. No need to touch it.
./mpd.nix ./mpd.nix
./matrix.nix ./matrix.nix
./nextcloud.nix ./nextcloud.nix
./immich.nix
]; ];
nix = nix =
@ -6725,7 +6730,7 @@ Also, the system state version is set here. No need to touch it.
enable = true; enable = true;
openFirewall = true; openFirewall = true;
shares.Eternor = { settingssys.Eternor = {
browseable = "yes"; browseable = "yes";
"read only" = "no"; "read only" = "no";
"guest ok" = "no"; "guest ok" = "no";
@ -7336,7 +7341,7 @@ Also, the system state version is set here. No need to touch it.
}; };
caption_in_message = true; caption_in_message = true;
permissions = { permissions = {
"*" = "relaybot"; "*" = "relay";
"@swarsel:${matrixDomain}" = "admin"; "@swarsel:${matrixDomain}" = "admin";
}; };
}; };
@ -7419,14 +7424,15 @@ Also, the system state version is set here. No need to touch it.
services.nextcloud = { services.nextcloud = {
enable = true; enable = true;
packages = pkgs.nextcloud30;
hostName = "stash.swarsel.win"; hostName = "stash.swarsel.win";
home = "/Vault/apps/nextcloud"; home = "/Vault/apps/nextcloud";
datadir = "/Vault/data/nextcloud"; datadir = "/Vault/data/nextcloud";
https: true; https = true;
configureRedis = true; configureRedis = true;
maxUploadSize = "4G"; maxUploadSize = "4G";
extraApps = { extraApps = {
inherit (pkgs.nextcloud30Packages.apps) mail calendar contact cospend phonetrack polls tasks; inherit (pkgs.nextcloud30Packages.apps) mail calendar contacts cospend phonetrack polls tasks;
}; };
config = { config = {
adminuser = "admin"; adminuser = "admin";
@ -7438,25 +7444,54 @@ Also, the system state version is set here. No need to touch it.
services.nginx = { services.nginx = {
virtualHosts = { virtualHosts = {
"stash.swarsel.win" = { "stash.swarsel.win" = {
enableACME = true;
forceSSL = true;
acmeRoot = null;
# config is automatically added by nixos nextcloud config.
# hence, only provide certificate
};
};
};
};
}
#+end_src
**** immich
#+begin_src nix :tangle profiles/server/common/immich.nix
{ pkgs, lib, config, ... }:
{
config = lib.mkIf config.swarselsystems.server.immich {
users.users.immich = {
extraGroups = [ "users" ];
};
# sops.secrets.nextcloudadminpass = { owner = "nextcloud"; };
services.immich = {
enable = true;
port = 3001
openFirewall = true;
mediaLocation = "/Vault/Eternor/Bilder";
home = "/Vault/apps/nextcloud";
};
services.nginx = {
virtualHosts = {
"shots.swarsel.win" = {
enableACME = true; enableACME = true;
forceSSL = true; forceSSL = true;
acmeRoot = null; acmeRoot = null;
locations = { locations = {
"/" = { "/" = {
proxyPass = "https://192.168.1.5"; proxyPass = "http://192.168.1.2:3001";
extraConfig = '' extraConfig = ''
client_max_body_size 0; client_max_body_size 0;
''; '';
}; };
# "/push/" = {
# proxyPass = "http://192.168.2.5:7867";
# };
"/.well-known/carddav" = {
return = "301 $scheme://$host/remote.php/dav";
};
"/.well-known/caldav" = {
return = "301 $scheme://$host/remote.php/dav";
};
}; };
}; };
}; };

4
modules/nixos/setup.nix
View file

@ -16,5 +16,7 @@ in
options.swarselsystems.server.spotifyd = lib.mkEnableOption "enable spotifyd on server"; options.swarselsystems.server.spotifyd = lib.mkEnableOption "enable spotifyd on server";
options.swarselsystems.server.mpd = lib.mkEnableOption "enable mpd on server"; options.swarselsystems.server.mpd = lib.mkEnableOption "enable mpd on server";
options.swarselsystems.server.matrix = lib.mkEnableOption "enable matrix on server"; options.swarselsystems.server.matrix = lib.mkEnableOption "enable matrix on server";
options.swarselsystems.server.nextcloud = lib.mkEnableOption "enable nextcloid on server"; options.swarselsystems.server.nextcloud = lib.mkEnableOption "enable nextcloud on server";
options.swarselsystems.server.immich = lib.mkEnableOption "enable immich on server";
options.swarselsystems.server.paperless = lib.mkEnableOption "enable paperless on server";
} }

1
profiles/server/common/default.nix
View file

@ -20,6 +20,7 @@
./mpd.nix ./mpd.nix
./matrix.nix ./matrix.nix
./nextcloud.nix ./nextcloud.nix
./immich.nix
]; ];
nix = nix =

39
profiles/server/common/immich.nix Normal file
View file

@ -0,0 +1,39 @@
{ pkgs, lib, config, ... }:
{
config = lib.mkIf config.swarselsystems.server.immich {
users.users.immich = {
extraGroups = [ "users" ];
};
# sops.secrets.nextcloudadminpass = { owner = "nextcloud"; };
services.immich = {
enable = true;
port = 3001
openFirewall = true;
mediaLocation = "/Vault/Eternor/Bilder";
home = "/Vault/apps/nextcloud";
};
services.nginx = {
virtualHosts = {
"shots.swarsel.win" = {
enableACME = true;
forceSSL = true;
acmeRoot = null;
locations = {
"/" = {
proxyPass = "http://192.168.1.2:3001";
extraConfig = ''
client_max_body_size 0;
'';
};
};
};
};
};
};
}

2
profiles/server/common/matrix.nix
View file

@ -229,7 +229,7 @@ in
}; };
caption_in_message = true; caption_in_message = true;
permissions = { permissions = {
"*" = "relaybot"; "*" = "relay";
"@swarsel:${matrixDomain}" = "admin"; "@swarsel:${matrixDomain}" = "admin";
}; };
}; };

24
profiles/server/common/nextcloud.nix
View file

@ -6,14 +6,15 @@
services.nextcloud = { services.nextcloud = {
enable = true; enable = true;
packages = pkgs.nextcloud30;
hostName = "stash.swarsel.win"; hostName = "stash.swarsel.win";
home = "/Vault/apps/nextcloud"; home = "/Vault/apps/nextcloud";
datadir = "/Vault/data/nextcloud"; datadir = "/Vault/data/nextcloud";
https: true; https = true;
configureRedis = true; configureRedis = true;
maxUploadSize = "4G"; maxUploadSize = "4G";
extraApps = { extraApps = {
inherit (pkgs.nextcloud30Packages.apps) mail calendar contact cospend phonetrack polls tasks; inherit (pkgs.nextcloud30Packages.apps) mail calendar contacts cospend phonetrack polls tasks;
}; };
config = { config = {
adminuser = "admin"; adminuser = "admin";
@ -28,23 +29,8 @@
enableACME = true; enableACME = true;
forceSSL = true; forceSSL = true;
acmeRoot = null; acmeRoot = null;
locations = { # config is automatically added by nixos nextcloud config.
"/" = { # hence, only provide certificate
proxyPass = "https://192.168.1.5";
extraConfig = ''
client_max_body_size 0;
'';
};
# "/push/" = {
# proxyPass = "http://192.168.2.5:7867";
# };
"/.well-known/carddav" = {
return = "301 $scheme://$host/remote.php/dav";
};
"/.well-known/caldav" = {
return = "301 $scheme://$host/remote.php/dav";
};
};
}; };
}; };
}; };

2
profiles/server/common/nfs.nix
View file

@ -20,7 +20,7 @@
enable = true; enable = true;
openFirewall = true; openFirewall = true;
shares.Eternor = { settingssys.Eternor = {
browseable = "yes"; browseable = "yes";
"read only" = "no"; "read only" = "no";
"guest ok" = "no"; "guest ok" = "no";

2
profiles/server/winters/default.nix
View file

@ -48,6 +48,8 @@
mpd = false; mpd = false;
matrix = true; matrix = true;
nextcloud = true; nextcloud = true;
immich = true;
paperless = true;
}; };
}; };

BIN
wallpaper/serverwp.png
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 389 KiB

After

Width:  |  Height:  |  Size: 557 KiB

Before After
Before After