dev/nixfiles
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

nixos/jackflix: Add PhotoPrism
All checks were successful
CI / Check, build and cache Nix flake (push) Successful in 34m59s
Details

Browse Source
This commit is contained in:
Jack O'Sullivan 2024-05-06 00:57:52 +01:00
parent 6eefe97764
commit c6d5705097
6 changed files with 66 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/constants.nix
View File

@ -12,6 +12,7 @@ rec {
atticd = 403; atticd = 403;
kea = 404; kea = 404;
keepalived_script = 405; keepalived_script = 405;
photoprism = 406;
}; };
gids = { gids = {
matrix-syncv3 = 400; matrix-syncv3 = 400;
@ -20,6 +21,7 @@ rec {
atticd = 403; atticd = 403;
kea = 404; kea = 404;
keepalived_script = 405; keepalived_script = 405;
photoprism = 406;
}; };
}; };

33
nixos/boxes/colony/vms/shill/containers/jackflix/default.nix
View File

@ -1,6 +1,8 @@
{ lib, ... }: { lib, ... }:
let let
inherit (lib) concatStringsSep;
inherit (lib.my) net; inherit (lib.my) net;
inherit (lib.my.c) pubDomain;
inherit (lib.my.c.colony) domain prefixes; inherit (lib.my.c.colony) domain prefixes;
in in
{ {
@ -35,6 +37,9 @@ in
secrets = { secrets = {
key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPUv1ntVrZv5ripsKpcOAnyDQX2PHjowzyhqWK10Ml53"; key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPUv1ntVrZv5ripsKpcOAnyDQX2PHjowzyhqWK10Ml53";
files = {
"jackflix/photoprism-pass.txt" = {};
};
}; };
}; };
@ -50,10 +55,16 @@ in
uid = uids.jellyseerr; uid = uids.jellyseerr;
group = "jellyseerr"; group = "jellyseerr";
}; };
photoprism = {
isSystemUser = true;
uid = uids.photoprism;
group = "photoprism";
};
}; };
groups = { groups = {
media.gid = 2000; media.gid = 2000;
jellyseerr.gid = gids.jellyseerr; jellyseerr.gid = gids.jellyseerr;
photoprism.gid = gids.photoprism;
}; };
}; };
@ -76,6 +87,10 @@ in
RootDirectoryStartOnly = lib.mkForce false; RootDirectoryStartOnly = lib.mkForce false;
RootDirectory = lib.mkForce ""; RootDirectory = lib.mkForce "";
}; };
photoprism.serviceConfig = {
# Needs to be able to access its data
DynamicUser = mkForce false;
};
}; };
}; };
@ -117,6 +132,24 @@ in
}; };
jellyfin.enable = true; jellyfin.enable = true;
photoprism = {
enable = true;
address = "[::]";
port = 2342;
originalsPath = "/mnt/media/photoprism/originals";
importPath = "/mnt/media/photoprism/import";
passwordFile = config.age.secrets."jackflix/photoprism-pass.txt".path;
settings = {
PHOTOPRISM_AUTH_MODE = "password";
PHOTOPRISM_ADMIN_USER = "dev";
PHOTOPRISM_APP_NAME = "/dev/player0 Photos";
PHOTOPRISM_SITE_URL = "https://photos.${pubDomain}/";
PHOTOPRISM_SITE_TITLE = "/dev/player0 Photos";
PHOTOPRISM_TRUSTED_PROXY = concatStringsSep "," (with prefixes.ctrs; [ v4 v6 ]);
PHOTOPRISM_DATABASE_DRIVER = "sqlite";
};
};
}; };
}; };
}; };

2
nixos/boxes/colony/vms/shill/containers/jackflix/networking.nix
View File

@ -37,7 +37,7 @@ in
tcp dport ${toString transmissionPeerPort} accept tcp dport ${toString transmissionPeerPort} accept
iifname vpn return iifname vpn return
tcp dport { 19999, 9091, 9117, 7878, 8989, 8096 } accept tcp dport { 19999, 9091, 9117, 7878, 8989, 8096, 2342 } accept
return return
} }
chain input { chain input {

8
nixos/boxes/colony/vms/shill/containers/middleman/vhosts.nix
View File

@ -388,6 +388,14 @@ in
locations."/".proxyPass = "http://object-ctr.${domain}:8088"; locations."/".proxyPass = "http://object-ctr.${domain}:8088";
useACMEHost = pubDomain; useACMEHost = pubDomain;
}; };
"photos.${pubDomain}" = {
locations."/" = {
proxyPass = "http://jackflix-ctr.${domain}:2342";
proxyWebsockets = true;
extraConfig = proxyHeaders;
};
useACMEHost = pubDomain;
};
}; };
minio = minio =

10
nixos/modules/tmproot.nix
View File

@ -496,6 +496,16 @@ in
(mkIf (config.services ? "wastebin" && config.services.wastebin.enable) { (mkIf (config.services ? "wastebin" && config.services.wastebin.enable) {
my.tmproot.persistence.config.directories = [ "/var/lib/private/wastebin" ]; my.tmproot.persistence.config.directories = [ "/var/lib/private/wastebin" ];
}) })
(mkIf config.services.photoprism.enable {
my.tmproot.persistence.config.directories = [
{
directory = config.services.photoprism.storagePath;
mode = "0750";
user = "photoprism";
group = "photoprism";
}
];
})
])) ]))
]); ]);

12
secrets/jackflix/photoprism-pass.txt.age Normal file
View File

@ -0,0 +1,12 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IGhNYTRudyBGWFZS
Umg0Zm44TlY2djBaSUNuRGdRSTFob290aHJ2a0xnL2ZXSE9qUndNCnBJUVNUcEpF
M3F6UUYzanlENmM1Wm11WHllRzVyc1hEemtpT010ZjdKcFUKLT4gWDI1NTE5IHJV
KzdZUm5HUldPdlBHcFd1L2lEMy84ZVBqL1BoRUdlTjVMMjQ0U0dmMUUKeXFDejl5
TW5sVkJoQzFZb0R5MStoOFJKbUluN3gvTXBmd2E0MmR1ZHgxTQotPiB9SC1ncmVh
c2UgbyBKbWN2WE1kCjdESDIwMkN4NXpxU3A1cnJLamRoUUpSN2x6U2VPaEhNODdn
c05uSHBOQ0Q0a2FpY2RQc1hvUFVMZlJqdm53WjAKRGlvN1JjUnd2RWp2ZzN0Z3pv
RVozT1lueWZhck40T1VMMkd5TjZOclFhamU5NjgKLS0tIFcvemlDZ1B5d1h4cHJI
ejNuRFRERk5vU1BKbzZkUEtKSlk3K2NxTzFUQ1EK8tR8pcagaUMue5Rjz2BLNbU4
8SL2h7FsScBnIHka3122jwjgxviwH7T0YfgHpZCf+yLwVg==
-----END AGE ENCRYPTED FILE-----