testing use of unstable
This commit is contained in:
@@ -1,12 +1,16 @@
|
||||
{ pkgs, config, lib, inputs, ... }:
|
||||
|
||||
let
|
||||
{
|
||||
pkgs,
|
||||
config,
|
||||
lib,
|
||||
inputs,
|
||||
unstable_pkgs,
|
||||
...
|
||||
}: let
|
||||
service = "immich";
|
||||
cfg = config.homelab.${service};
|
||||
sec = config.sops.secrets;
|
||||
homelab = config.homelab;
|
||||
in
|
||||
{
|
||||
in {
|
||||
options.homelab.${service} = {
|
||||
enable = lib.mkEnableOption "enables ${service}";
|
||||
|
||||
@@ -43,9 +47,8 @@ in
|
||||
};
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
|
||||
# declare ${service} group
|
||||
users.groups.${service} = { gid = lib.mkForce cfg.ids; };
|
||||
users.groups.${service} = {gid = lib.mkForce cfg.ids;};
|
||||
|
||||
# declare ${service} user
|
||||
users.users.${service} = {
|
||||
@@ -55,13 +58,14 @@ in
|
||||
home = cfg.data_dir;
|
||||
createHome = true;
|
||||
group = service;
|
||||
extraGroups = [ "video" "render" ];
|
||||
extraGroups = ["video" "render"];
|
||||
};
|
||||
|
||||
# enable the ${service} service
|
||||
services.${service} = {
|
||||
enable = true;
|
||||
package = inputs.nixpkgs-unstable.legacyPackages.${pkgs.system}.immich;
|
||||
#package = inputs.nixpkgs-unstable.legacyPackages.${pkgs.system}.immich;
|
||||
package = unstable_pkgs.x86_64.immich;
|
||||
openFirewall = true;
|
||||
user = service;
|
||||
group = service;
|
||||
@@ -72,16 +76,16 @@ in
|
||||
};
|
||||
|
||||
# override umask to make permissions work out
|
||||
# systemd.services."${toString service}-server".serviceConfig = {
|
||||
# UMask = lib.mkForce "0007";
|
||||
# };
|
||||
# systemd.services."${toString service}-server".serviceConfig = {
|
||||
# UMask = lib.mkForce "0007";
|
||||
# };
|
||||
|
||||
# # open firewall
|
||||
# networking.firewall.allowedTCPPorts = [ cfg.port ];
|
||||
# # open firewall
|
||||
# networking.firewall.allowedTCPPorts = [ cfg.port ];
|
||||
|
||||
# add to caddy for reverse proxy
|
||||
services.caddy.virtualHosts."${cfg.url}" = {
|
||||
serverAliases = [ "photos.${homelab.public_domain}" ];
|
||||
serverAliases = ["photos.${homelab.public_domain}"];
|
||||
extraConfig = ''
|
||||
tls ${sec."ssl_blakedheld_crt".path} ${sec."ssl_blakedheld_key".path}
|
||||
reverse_proxy 127.0.0.1:${toString cfg.port}
|
||||
@@ -89,16 +93,19 @@ in
|
||||
};
|
||||
|
||||
# add to glance
|
||||
homelab.glance.links.services = [{
|
||||
title = service;
|
||||
url = "https://photos.${homelab.public_domain}";
|
||||
error-url = "http://${homelab.host_ip}:${toString cfg.port}";
|
||||
check-url = "http://${homelab.host_ip}:${toString cfg.port}";
|
||||
icon = "di:${service}"; }];
|
||||
homelab.glance.links.services = [
|
||||
{
|
||||
title = service;
|
||||
url = "https://photos.${homelab.public_domain}";
|
||||
error-url = "http://${homelab.host_ip}:${toString cfg.port}";
|
||||
check-url = "http://${homelab.host_ip}:${toString cfg.port}";
|
||||
icon = "di:${service}";
|
||||
}
|
||||
];
|
||||
|
||||
# add to backups
|
||||
system.backups.baks = {
|
||||
${service} = { paths = [ cfg.data_dir "/var/lib/redis-immich" ]; };
|
||||
${service} = {paths = [cfg.data_dir "/var/lib/redis-immich"];};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user