Compare commits
2 commits
e806b77315
...
3ea35b67ae
Author | SHA1 | Date | |
---|---|---|---|
3ea35b67ae | |||
c5b0d3966c |
6 changed files with 92 additions and 14 deletions
|
@ -5,6 +5,8 @@
|
|||
...
|
||||
}: {
|
||||
imports = [inputs.arkenfox.hmModules.default];
|
||||
home.file.".mozilla/native-messaging-hosts/org.kde.plasma.browser_integration.json".source = "${pkgs.plasma5Packages.plasma-browser-integration}/lib/mozilla/native-messaging-hosts/org.kde.plasma.browser_integration.json";
|
||||
|
||||
programs.firefox = {
|
||||
enable = true;
|
||||
|
||||
|
@ -117,6 +119,7 @@
|
|||
search.default = "Searx";
|
||||
|
||||
settings = {
|
||||
"media.hardwaremediakeys.enabled" = false;
|
||||
"dom.security.https_only_mode" = true;
|
||||
"browser.download.panel.shown" = false;
|
||||
"browser.toolbars.bookmarks.visibility" = "always";
|
||||
|
|
45
hosts/franz/arion/feed/arion-compose.nix
Normal file
45
hosts/franz/arion/feed/arion-compose.nix
Normal file
|
@ -0,0 +1,45 @@
|
|||
{pkgs, ...}: {
|
||||
project.name = "feed";
|
||||
|
||||
networks.dmz = {
|
||||
name = "dmz";
|
||||
external = true;
|
||||
};
|
||||
|
||||
networks.transport = {};
|
||||
|
||||
services = {
|
||||
ttrss.service = {
|
||||
image = "wangqiru/ttrss:latest";
|
||||
container_name = "ttrss";
|
||||
ports = [
|
||||
"181:80"
|
||||
];
|
||||
environment = {
|
||||
PUID = 1000;
|
||||
PGID = 1000;
|
||||
DB_HOST = "db";
|
||||
};
|
||||
env_file = [
|
||||
"/home/ghoscht/.docker/feed/ttrss.env"
|
||||
];
|
||||
restart = "always";
|
||||
networks = [
|
||||
"dmz"
|
||||
];
|
||||
};
|
||||
};
|
||||
db.service = {
|
||||
image = "postgres:13-alpine";
|
||||
volumes = [
|
||||
"/home/ghoscht/.docker/feed/ttrss_db:/var/lib/postgresql/data"
|
||||
];
|
||||
env_file = [
|
||||
"/home/ghoscht/.docker/feed/ttrss.env"
|
||||
];
|
||||
restart = "always";
|
||||
networks = [
|
||||
"dmz"
|
||||
];
|
||||
};
|
||||
}
|
6
hosts/franz/arion/feed/arion-pkgs.nix
Normal file
6
hosts/franz/arion/feed/arion-pkgs.nix
Normal file
|
@ -0,0 +1,6 @@
|
|||
# Instead of pinning Nixpkgs, we can opt to use the one in NIX_PATH
|
||||
import <nixpkgs> {
|
||||
# We specify the architecture explicitly. Use a Linux remote builder when
|
||||
# calling arion from other platforms.
|
||||
system = "x86_64-linux";
|
||||
}
|
22
hosts/franz/arion/feed/default.nix
Normal file
22
hosts/franz/arion/feed/default.nix
Normal file
|
@ -0,0 +1,22 @@
|
|||
{config, ...}: let
|
||||
vars = import ../../../../vars.nix;
|
||||
in {
|
||||
virtualisation.arion = {
|
||||
projects.feed.settings = {
|
||||
imports = [./arion-compose.nix];
|
||||
};
|
||||
};
|
||||
|
||||
sops.secrets."ttrs/db_password" = {
|
||||
owner = vars.user;
|
||||
};
|
||||
|
||||
sops.templates."ttrss.env" = {
|
||||
path = "/home/${vars.user}/.docker/feed/ttrss.env";
|
||||
owner = vars.user;
|
||||
mode = "0775";
|
||||
content = ''
|
||||
DB_PASS="${config.sops.placeholder."ttrss/db_password"}"
|
||||
'';
|
||||
};
|
||||
}
|
|
@ -43,18 +43,18 @@
|
|||
"dmz"
|
||||
];
|
||||
};
|
||||
cloudflared.service = {
|
||||
image = "cloudflare/cloudflared:latest";
|
||||
container_name = "cloudflared";
|
||||
env_file = [
|
||||
"/home/ghoscht/.docker/infrastructure/cloudflared.env"
|
||||
];
|
||||
restart = "always";
|
||||
command = "tunnel --no-autoupdate --protocol http2 run";
|
||||
networks = [
|
||||
"dmz"
|
||||
];
|
||||
};
|
||||
# cloudflared.service = {
|
||||
# image = "cloudflare/cloudflared:latest";
|
||||
# container_name = "cloudflared";
|
||||
# env_file = [
|
||||
# "/home/ghoscht/.docker/infrastructure/cloudflared.env"
|
||||
# ];
|
||||
# restart = "always";
|
||||
# command = "tunnel --no-autoupdate --protocol http2 run";
|
||||
# networks = [
|
||||
# "dmz"
|
||||
# ];
|
||||
# };
|
||||
scrutiny.service = {
|
||||
image = "ghcr.io/analogj/scrutiny:master-omnibus";
|
||||
container_name = "scrutiny";
|
||||
|
|
|
@ -25,6 +25,8 @@ unpackerr:
|
|||
sonarr_api_key: ENC[AES256_GCM,data:iENKLrYT7xbRrFAxN58VItZWhGfWjX1Nbu8zpFWA2ZI=,iv:WGFPGGoCvT993t9ROg1cRVPg8+qlDE92VpKfm9PNfpo=,tag:KBMggYqcUEhTg7yVaytysg==,type:str]
|
||||
radarr_api_key: ENC[AES256_GCM,data:zFMPIFc682n0wj/UOI6BUag2wVVys3EXCcYNqatExJA=,iv:NwRUIHolFyw9P0iiNrgm6EV+GAp5sSLho1NEwv5DaHw=,tag:TpapILDy8Oad5XzudcXaeQ==,type:str]
|
||||
lidarr_api_key: ENC[AES256_GCM,data:WZzb/Is7qdIq9qPEYt0FFXSucUx3qCv/isWwUyxDrB0=,iv:k0CFPUU4UmTmW0R/5sWgptbsfdLlglKze3EAyNi6t1E=,tag:aXUZd43krL9qKvs1uvJ4AA==,type:str]
|
||||
ttrss:
|
||||
db_password: ENC[AES256_GCM,data:Yp44TDA=,iv:3eurDNE37mf2qDunCJczIyq26ttWwX9J6OhxMydEiq4=,tag:+Ce6sV40xn3VzgacEAY5NQ==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
|
@ -40,8 +42,8 @@ sops:
|
|||
VUUxcEhvYi8zeXlCUUViUTl0eWdhcU0KXOfbnDc+zc8lnBcyEAV5EiJSjcSU6AgI
|
||||
EfeRw8qVqwChrYn1agslcNnDbE0WQsOCBuA6cE4V3kRofp9HU949ig==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2024-03-06T15:02:59Z"
|
||||
mac: ENC[AES256_GCM,data:jWfGV2lKFoDEX+1OUzbnzYE0zqzh6+GX/X9IsZ1igg6xMW7T1sfQwKrRBHUnRO6HTDd9ppcIsRkZo/tL76mmLRiOlMrsoWD8quzkSjJrW6whxQn0acyqVhIw3KZmmet8+ICV4lIuI006zr3vffPVkDAizhrl3jXnuLBO+8yADHs=,iv:cxozu5kuLU1wXWiu0RfxYJgYUkoMyEUSmfHXrrfCMhc=,tag:rUbr/h3FKmil6zRBSG4RSw==,type:str]
|
||||
lastmodified: "2024-03-15T20:30:02Z"
|
||||
mac: ENC[AES256_GCM,data:sdxHWMIA4KwVNVSBe/oh5LrR4W11NES3qt5HVlAvVqmpEnLfSRMXCtGXnyBk0eN8O9hW6Zi135ZBQeyrVIQlsXU55LXLfQeWBK6VdLIfLScVDmJJ5MAMMl9ExhDr7XZ5tfmMkHsLnUSz7AM0tXmmbj5uwC40NDlyXZgOxo1fV8g=,iv:c0SaijwURfAJ1k0u/hed7jtBIV+4dqHSs8cGftEOmNU=,tag:sGBse6Um0LgUbOF207ZZCQ==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.8.1
|
||||
|
|
Loading…
Reference in a new issue