repomaa/nixos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
be9d398606b68a559d1174ce214cff4a6cb5e013
nixos/hosts/freun-dev/services.nix
Joakim Repomaa be9d398606 refactor immich
2024-07-02 10:56:58 +03:00

64 lines
1.6 KiB
Nix
Raw Blame History

{ pkgs, ... }:
rec {
networking.firewall.allowedTCPPorts = [ 80 443 ];
services.caddy = {
enable = true;
enableReload = true;
email = "admin@pimeys.pm";
};
services.postgresql.enable = true;
virtualisation.podman = {
enable = true;
autoPrune.enable = true;
dockerCompat = true;
defaultNetwork.settings = {
# Required for container networking to be able to use names.
dns_enabled = true;
};
};
virtualisation.oci-containers.backend = "podman";
networking.firewall = {
trustedInterfaces = [ "podman1" ];
interfaces.podman1.allowedUDPPorts = [ 53 ];
};
imports = [
../modules/services/vaultwarden.nix
../modules/services/immich.nix
../modules/services/syncthing.nix
../modules/services/invidious.nix
../modules/servies/grafana.nix
../modules/servies/gtrackmap.nix
../modules/services/owncast.nix
../modules/services/hydra.nix
../modules/services/wireguard.nix
];
services.immich = {
enable = true;
fqdn = "img.freun.dev";
data_dir = fileSystems.immich_data.mountPoint;
secrets = "/var/secrets/immich";
};
fileSystems.immich_data = {
mountPoint = "/mnt/storage/immich";
device = "//u407959.your-storagebox.de/backup/immich";
fsType = "cifs";
options =
let
# this line prevents hanging on network split
automount_opts = "x-systemd.automount,auto,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s";
in
[ "${automount_opts},credentials=/var/secrets/smb-storage" ];
};
environment.systemPackages = [ pkgs.cifs-utils ];
}
Reference in New Issue View Git Blame Copy Permalink