mirror of
https://git.sr.ht/~rouven/nixos-config
synced 2024-11-15 05:13:10 +01:00
seafile: init
This commit is contained in:
parent
2bacb74cc1
commit
fdcfeb524c
|
@ -301,11 +301,11 @@
|
|||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1696879762,
|
||||
"narHash": "sha256-Ud6bH4DMcYHUDKavNMxAhcIpDGgHMyL/yaDEAVSImQY=",
|
||||
"lastModified": 1697059129,
|
||||
"narHash": "sha256-9NJcFF9CEYPvHJ5ckE8kvINvI84SZZ87PvqMbH6pro0=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "f99e5f03cc0aa231ab5950a15ed02afec45ed51a",
|
||||
"rev": "5e4c2ada4fcd54b99d56d7bd62f384511a7e2593",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
|
@ -113,6 +113,9 @@
|
|||
./hosts/nuc
|
||||
./shared
|
||||
sops-nix.nixosModules.sops
|
||||
{
|
||||
nixpkgs.overlays = [ self.overlays.default ];
|
||||
}
|
||||
];
|
||||
};
|
||||
falkenstein-1 = nixpkgs.lib.nixosSystem {
|
||||
|
|
|
@ -5,7 +5,8 @@
|
|||
services.borgmatic = {
|
||||
enable = true;
|
||||
settings = {
|
||||
location = {
|
||||
# fix failing check
|
||||
location = null;
|
||||
source_directories = [
|
||||
"/var/lib"
|
||||
"/var/log"
|
||||
|
@ -13,9 +14,11 @@
|
|||
];
|
||||
|
||||
repositories = [
|
||||
"ssh://root@192.168.10.2/mnt/backup/falkenstein"
|
||||
{
|
||||
path = "ssh://root@192.168.10.2/mnt/backup/falkenstein";
|
||||
label = "nuc";
|
||||
}
|
||||
];
|
||||
};
|
||||
storage = {
|
||||
encryption_passcommand = "${pkgs.coreutils}/bin/cat ${config.sops.secrets."borg/passphrase".path}";
|
||||
compression = "lz4";
|
||||
|
|
|
@ -10,6 +10,7 @@
|
|||
./modules/backup
|
||||
./modules/hydra
|
||||
./modules/nextcloud
|
||||
./modules/seafile
|
||||
./modules/uptime-kuma
|
||||
./modules/vaultwarden
|
||||
./modules/nginx
|
||||
|
|
|
@ -12,13 +12,18 @@
|
|||
services.borgmatic = {
|
||||
enable = true;
|
||||
settings = {
|
||||
location.source_directories = [
|
||||
# fix failing check
|
||||
location = null;
|
||||
source_directories = [
|
||||
"/var/lib"
|
||||
"/var/log"
|
||||
"/nix/persist"
|
||||
];
|
||||
location.repositories = [
|
||||
"/mnt/backup/nuc"
|
||||
repositories = [
|
||||
{
|
||||
label = "nuc";
|
||||
path = "/mnt/backup/nuc";
|
||||
}
|
||||
];
|
||||
storage = {
|
||||
encryption_passcommand = "${pkgs.coreutils}/bin/cat ${config.sops.secrets."borg/passphrase".path}";
|
||||
|
|
29
hosts/nuc/modules/seafile/default.nix
Normal file
29
hosts/nuc/modules/seafile/default.nix
Normal file
|
@ -0,0 +1,29 @@
|
|||
{ config, pkgs, ... }:
|
||||
let
|
||||
domain = "seafile.${config.networking.domain}";
|
||||
in
|
||||
{
|
||||
services.seafile = {
|
||||
enable = true;
|
||||
adminEmail = "rouven@rfive.de";
|
||||
initialAdminPassword = "unused garbage";
|
||||
ccnetSettings.General.SERVICE_URL = "https://${domain}";
|
||||
ccnetSettings.General.FILE_SERVER_ROOT = "https://${domain}/seafhttp";
|
||||
};
|
||||
services.nginx.virtualHosts."${domain}" = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
locations."/" = {
|
||||
proxyPass = "http://unix:/run/seahub/gunicorn.sock";
|
||||
};
|
||||
locations."/seafhttp" = {
|
||||
proxyPass = "http://127.0.0.1:${toString config.services.seafile.seafileSettings.fileserver.port}";
|
||||
extraConfig = ''
|
||||
rewrite ^/seafhttp(.*)$ $1 break;
|
||||
'';
|
||||
};
|
||||
locations."/media" = {
|
||||
root = pkgs.seahub;
|
||||
};
|
||||
};
|
||||
}
|
|
@ -5,7 +5,8 @@
|
|||
services.borgmatic = {
|
||||
enable = true;
|
||||
settings = {
|
||||
location = {
|
||||
# fix failing check
|
||||
location = null;
|
||||
source_directories = [
|
||||
"/var/lib"
|
||||
"/var/log"
|
||||
|
@ -15,7 +16,10 @@
|
|||
];
|
||||
|
||||
repositories = [
|
||||
"ssh://root@192.168.10.2/mnt/backup/thinkpad"
|
||||
{
|
||||
label = "nuc";
|
||||
path = "ssh://root@192.168.10.2/mnt/backup/thinkpad";
|
||||
}
|
||||
];
|
||||
exclude_patterns = [
|
||||
"/home/*/.cache"
|
||||
|
@ -30,7 +34,6 @@
|
|||
"/home/*/.local/share"
|
||||
"/home/*/Linux/Isos"
|
||||
];
|
||||
};
|
||||
storage = {
|
||||
encryption_passcommand = "${pkgs.coreutils}/bin/cat ${config.sops.secrets."borg/passphrase".path}";
|
||||
compression = "lz4";
|
||||
|
|
|
@ -1,8 +1,11 @@
|
|||
_final: prev:
|
||||
let
|
||||
inherit (prev) callPackage;
|
||||
inherit (prev) python3Packages;
|
||||
inherit (prev) fetchFromGitHub;
|
||||
inherit (prev) fetchPypi;
|
||||
inherit (prev) fetchpatch;
|
||||
inherit (prev) makeWrapper;
|
||||
in
|
||||
{
|
||||
wpa_supplicant_gui = prev.wpa_supplicant_gui.overrideAttrs
|
||||
|
@ -44,4 +47,82 @@ in
|
|||
gnome-break-timer = callPackage ../pkgs/gnome-break-timer { };
|
||||
jmri = callPackage ../pkgs/jmri { };
|
||||
adguardian-term = callPackage ../pkgs/adguardian-term { };
|
||||
|
||||
# upstream package is broken and can't be fixed by overriding attrs. so I just completely redo it in here
|
||||
seahub = (python3Packages.buildPythonApplication
|
||||
rec {
|
||||
pname = "seahub";
|
||||
version = "11.0.1";
|
||||
format = "other";
|
||||
src = fetchFromGitHub {
|
||||
owner = "haiwen";
|
||||
repo = "seahub";
|
||||
rev = "v11.0.1-pro";
|
||||
sha256 = "sha256-dxMvbiAdECMZIf+HgA5P2gZYI9l+k+nhmdzfg90037A=";
|
||||
};
|
||||
|
||||
|
||||
dontBuild = true;
|
||||
|
||||
doCheck = false; # disabled because it requires a ccnet environment
|
||||
|
||||
nativeBuildInputs = [
|
||||
makeWrapper
|
||||
];
|
||||
|
||||
propagatedBuildInputs = with python3Packages; [
|
||||
django
|
||||
future
|
||||
django-compressor
|
||||
django-statici18n
|
||||
django-webpack-loader
|
||||
django-simple-captcha
|
||||
django-picklefield
|
||||
django-formtools
|
||||
mysqlclient
|
||||
pillow
|
||||
python-dateutil
|
||||
djangorestframework
|
||||
openpyxl
|
||||
requests
|
||||
requests-oauthlib
|
||||
chardet
|
||||
pyjwt
|
||||
pycryptodome
|
||||
qrcode
|
||||
pysearpc
|
||||
seaserv
|
||||
gunicorn
|
||||
markdown
|
||||
bleach
|
||||
python-ldap
|
||||
pyopenssl
|
||||
(buildPythonPackage rec {
|
||||
pname = "djangosaml2";
|
||||
version = "1.7.0";
|
||||
doCheck = false;
|
||||
propagatedBuildInputs = [
|
||||
pysaml2
|
||||
django
|
||||
defusedxml
|
||||
];
|
||||
src = fetchPypi {
|
||||
inherit pname version;
|
||||
sha256 = "sha256-WiMl2UvbOskLA5o5LXPrBF2VktlDnlBNdc42eZ62Fko=";
|
||||
};
|
||||
})
|
||||
];
|
||||
|
||||
installPhase = ''
|
||||
cp -dr --no-preserve='ownership' . $out/
|
||||
wrapProgram $out/manage.py \
|
||||
--prefix PYTHONPATH : "$PYTHONPATH:$out/thirdpart:"
|
||||
'';
|
||||
|
||||
passthru = rec {
|
||||
python = prev.python3;
|
||||
pythonPath = python.pkgs.makePythonPath propagatedBuildInputs;
|
||||
};
|
||||
});
|
||||
|
||||
}
|
||||
|
|
|
@ -21,6 +21,7 @@
|
|||
pylint
|
||||
]))
|
||||
clang-tools
|
||||
nodePackages.typescript-language-server
|
||||
];
|
||||
programs.helix = {
|
||||
enable = true;
|
||||
|
|
|
@ -16,6 +16,8 @@ in
|
|||
pcmanfm
|
||||
xdg-utils # used for xdg-open
|
||||
tex
|
||||
appimage-run
|
||||
seafile-client
|
||||
|
||||
# graphics
|
||||
evince # pdf viewer
|
||||
|
@ -29,6 +31,7 @@ in
|
|||
# sound
|
||||
pavucontrol
|
||||
x32edit
|
||||
spotify
|
||||
|
||||
# bluetooth
|
||||
blueman
|
||||
|
|
Loading…
Reference in a new issue