seafile: init

This commit is contained in:
Rouven Seifert 2023-10-15 16:30:40 +02:00
parent 2bacb74cc1
commit fdcfeb524c
Signed by: rouven.seifert
GPG key ID: B95E8FE6B11C4D09
10 changed files with 170 additions and 41 deletions

View file

@ -301,11 +301,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1696879762,
"narHash": "sha256-Ud6bH4DMcYHUDKavNMxAhcIpDGgHMyL/yaDEAVSImQY=",
"lastModified": 1697059129,
"narHash": "sha256-9NJcFF9CEYPvHJ5ckE8kvINvI84SZZ87PvqMbH6pro0=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "f99e5f03cc0aa231ab5950a15ed02afec45ed51a",
"rev": "5e4c2ada4fcd54b99d56d7bd62f384511a7e2593",
"type": "github"
},
"original": {

View file

@ -113,6 +113,9 @@
./hosts/nuc
./shared
sops-nix.nixosModules.sops
{
nixpkgs.overlays = [ self.overlays.default ];
}
];
};
falkenstein-1 = nixpkgs.lib.nixosSystem {

View file

@ -5,7 +5,8 @@
services.borgmatic = {
enable = true;
settings = {
location = {
# fix failing check
location = null;
source_directories = [
"/var/lib"
"/var/log"
@ -13,9 +14,11 @@
];
repositories = [
"ssh://root@192.168.10.2/mnt/backup/falkenstein"
{
path = "ssh://root@192.168.10.2/mnt/backup/falkenstein";
label = "nuc";
}
];
};
storage = {
encryption_passcommand = "${pkgs.coreutils}/bin/cat ${config.sops.secrets."borg/passphrase".path}";
compression = "lz4";

View file

@ -10,6 +10,7 @@
./modules/backup
./modules/hydra
./modules/nextcloud
./modules/seafile
./modules/uptime-kuma
./modules/vaultwarden
./modules/nginx

View file

@ -12,13 +12,18 @@
services.borgmatic = {
enable = true;
settings = {
location.source_directories = [
# fix failing check
location = null;
source_directories = [
"/var/lib"
"/var/log"
"/nix/persist"
];
location.repositories = [
"/mnt/backup/nuc"
repositories = [
{
label = "nuc";
path = "/mnt/backup/nuc";
}
];
storage = {
encryption_passcommand = "${pkgs.coreutils}/bin/cat ${config.sops.secrets."borg/passphrase".path}";

View file

@ -0,0 +1,29 @@
{ config, pkgs, ... }:
let
domain = "seafile.${config.networking.domain}";
in
{
services.seafile = {
enable = true;
adminEmail = "rouven@rfive.de";
initialAdminPassword = "unused garbage";
ccnetSettings.General.SERVICE_URL = "https://${domain}";
ccnetSettings.General.FILE_SERVER_ROOT = "https://${domain}/seafhttp";
};
services.nginx.virtualHosts."${domain}" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://unix:/run/seahub/gunicorn.sock";
};
locations."/seafhttp" = {
proxyPass = "http://127.0.0.1:${toString config.services.seafile.seafileSettings.fileserver.port}";
extraConfig = ''
rewrite ^/seafhttp(.*)$ $1 break;
'';
};
locations."/media" = {
root = pkgs.seahub;
};
};
}

View file

@ -5,7 +5,8 @@
services.borgmatic = {
enable = true;
settings = {
location = {
# fix failing check
location = null;
source_directories = [
"/var/lib"
"/var/log"
@ -15,7 +16,10 @@
];
repositories = [
"ssh://root@192.168.10.2/mnt/backup/thinkpad"
{
label = "nuc";
path = "ssh://root@192.168.10.2/mnt/backup/thinkpad";
}
];
exclude_patterns = [
"/home/*/.cache"
@ -30,7 +34,6 @@
"/home/*/.local/share"
"/home/*/Linux/Isos"
];
};
storage = {
encryption_passcommand = "${pkgs.coreutils}/bin/cat ${config.sops.secrets."borg/passphrase".path}";
compression = "lz4";

View file

@ -1,8 +1,11 @@
_final: prev:
let
inherit (prev) callPackage;
inherit (prev) python3Packages;
inherit (prev) fetchFromGitHub;
inherit (prev) fetchPypi;
inherit (prev) fetchpatch;
inherit (prev) makeWrapper;
in
{
wpa_supplicant_gui = prev.wpa_supplicant_gui.overrideAttrs
@ -44,4 +47,82 @@ in
gnome-break-timer = callPackage ../pkgs/gnome-break-timer { };
jmri = callPackage ../pkgs/jmri { };
adguardian-term = callPackage ../pkgs/adguardian-term { };
# upstream package is broken and can't be fixed by overriding attrs. so I just completely redo it in here
seahub = (python3Packages.buildPythonApplication
rec {
pname = "seahub";
version = "11.0.1";
format = "other";
src = fetchFromGitHub {
owner = "haiwen";
repo = "seahub";
rev = "v11.0.1-pro";
sha256 = "sha256-dxMvbiAdECMZIf+HgA5P2gZYI9l+k+nhmdzfg90037A=";
};
dontBuild = true;
doCheck = false; # disabled because it requires a ccnet environment
nativeBuildInputs = [
makeWrapper
];
propagatedBuildInputs = with python3Packages; [
django
future
django-compressor
django-statici18n
django-webpack-loader
django-simple-captcha
django-picklefield
django-formtools
mysqlclient
pillow
python-dateutil
djangorestframework
openpyxl
requests
requests-oauthlib
chardet
pyjwt
pycryptodome
qrcode
pysearpc
seaserv
gunicorn
markdown
bleach
python-ldap
pyopenssl
(buildPythonPackage rec {
pname = "djangosaml2";
version = "1.7.0";
doCheck = false;
propagatedBuildInputs = [
pysaml2
django
defusedxml
];
src = fetchPypi {
inherit pname version;
sha256 = "sha256-WiMl2UvbOskLA5o5LXPrBF2VktlDnlBNdc42eZ62Fko=";
};
})
];
installPhase = ''
cp -dr --no-preserve='ownership' . $out/
wrapProgram $out/manage.py \
--prefix PYTHONPATH : "$PYTHONPATH:$out/thirdpart:"
'';
passthru = rec {
python = prev.python3;
pythonPath = python.pkgs.makePythonPath propagatedBuildInputs;
};
});
}

View file

@ -21,6 +21,7 @@
pylint
]))
clang-tools
nodePackages.typescript-language-server
];
programs.helix = {
enable = true;

View file

@ -16,6 +16,8 @@ in
pcmanfm
xdg-utils # used for xdg-open
tex
appimage-run
seafile-client
# graphics
evince # pdf viewer
@ -29,6 +31,7 @@ in
# sound
pavucontrol
x32edit
spotify
# bluetooth
blueman