From eb1c5d0b567895d8049e0f74fd56c678b389e8b6 Mon Sep 17 00:00:00 2001 From: Myned Date: Wed, 16 Oct 2024 20:39:08 -0500 Subject: [PATCH] conduwuit: migrate to container Signed-off-by: Myned --- options/custom/containers/conduwuit.nix | 42 ++++++++++++++++++++++++ profiles/server/default.nix | 3 +- secrets/secrets.nix | 1 + secrets/server/conduwuit/conduwuit.toml | Bin 0 -> 1119 bytes 4 files changed, 45 insertions(+), 1 deletion(-) create mode 100644 options/custom/containers/conduwuit.nix create mode 100644 secrets/server/conduwuit/conduwuit.toml diff --git a/options/custom/containers/conduwuit.nix b/options/custom/containers/conduwuit.nix new file mode 100644 index 0000000..d074017 --- /dev/null +++ b/options/custom/containers/conduwuit.nix @@ -0,0 +1,42 @@ +{ + config, + inputs, + lib, + ... +}: +with lib; let + cfg = config.custom.containers.conduwuit; +in { + options.custom.containers.conduwuit.enable = mkOption {default = false;}; + + config = mkIf cfg.enable { + age.secrets = let + secret = filename: { + file = "${inputs.self}/secrets/${filename}"; + }; + in { + "${config.custom.profile}/conduwuit/conduwuit.toml" = secret "${config.custom.profile}/conduwuit/conduwuit.toml"; + }; + + #?? arion-conduwuit pull + environment.shellAliases.arion-conduwuit = "sudo arion --prebuilt-file ${config.virtualisation.arion.projects.conduwuit.settings.out.dockerComposeYaml}"; + + virtualisation.arion.projects.conduwuit.settings.services = { + conduwuit.service = { + container_name = "conduwuit"; + image = "girlbossceo/conduwuit:main"; + ports = ["127.0.0.1:6167:6167"]; + restart = "unless-stopped"; + + environment = { + CONDUWUIT_CONFIG = "/etc/conduwuit/conduwuit.toml"; + }; + + volumes = [ + "${config.custom.containers.directory}/conduwuit/db:/var/lib/conduwuit" + "${config.age.secrets."${config.custom.profile}/conduwuit/conduwuit.toml".path}:/etc/conduwuit/conduwuit.toml" + ]; + }; + }; + }; +} diff --git a/profiles/server/default.nix b/profiles/server/default.nix index b9a4e1d..eab86cc 100644 --- a/profiles/server/default.nix +++ b/profiles/server/default.nix @@ -7,6 +7,7 @@ enable = true; boot = true; #// actualbudget.enable = true; + conduwuit.enable = true; coturn.enable = true; forgejo.enable = true; foundryvtt.enable = true; @@ -20,7 +21,7 @@ services = { caddy.enable = true; - matrix-conduit.enable = true; + #// matrix-conduit.enable = true; #// modufur.enable = true; #// tailscale.cert = true; diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 99056e2..567b157 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -67,6 +67,7 @@ in { ### Server "server/borgmatic/borgbase".publicKeys = server; "server/caddy/Caddyfile".publicKeys = server; + "server/conduwuit/conduwuit.toml".publicKeys = server; "server/coturn/coturn.conf".publicKeys = server; "server/forgejo/.env".publicKeys = server; "server/forgejo/db.env".publicKeys = server; diff --git a/secrets/server/conduwuit/conduwuit.toml b/secrets/server/conduwuit/conduwuit.toml new file mode 100644 index 0000000000000000000000000000000000000000..f80b76870ed68a1251c9a56c071647c5a9dfd093 GIT binary patch literal 1119 zcmV-l1fct2XJsvAZewzJaCB*JZZ2D=>3daCmZP zMtFKuSZFjxQ!q3^bY?G9VNEkZG&f9VSwTi*H!x30W@`#9J|J^*Xf0)AGBq_ZIUsXp zczSP9AVGC=dOfAFGq7LGh=i|H)m*BHdt9?GEZSJSYkF|Zg4{|3QAaO zLUmDdMOHI)O;JT*NH}F|PH<>aY;1K{XjDRHW;IzhZ!t-6Suizg3N1b$b8~1dWn?ln zH8D9LX?Hegac3YnQc_|>S#~%?a!Nu_Fjsg~bw+Y)jGHbP8l zK`;tfL`F_bT5xuEI7W9iOImVTbU{i^QBQMYOG-jUa#(0tF-u7=O-5r^bT|qvEiE8* zQgvlEYg1}$MPn~BF=#U}Lt1%GNjPp)bU0*Tb22b;Ygbu#aYlGhRA&l!PfuY8ELQ^M zUUBd%uFnd7p%_Rf6C@r7SfvUA>A{6cW}fS72~|CjgBX-ww(icJkqadgRyf2PP- z5CFtg+yjI8m(}yw#-$jiA4yyP@wb_ZvYCeKb9G?6#SGT>$8Y|Db_BxUC?=qY^}E}Z zJUM?GyLJdOEy>ulA$-|J^t+CLS5EIh6fqw|76p-^H%rU<63nLd7kzTmyKOITi=urRMC$d(AjPTH;tkCly{cq&>jaud>Xm&lb_dx{|^# z>1`!^*v)mi&1K@R-br9%@s-{~7TfIpNP9AvMJ}Rcxvj8np~CrhTb!N4ZO3{bp3}#* zbQM$A&m6rLV0tdW)itv@z)cEncyFXsh{n~D$-qAKK+05~zgPx}UvbT+J8CS$yx2Gq zHt+vI0S^ozy5$WX=Jgx?2hW$m;gt=3Lxb~j3HfBm>s@Xe`8BneFZg>{{1ek5)v&W5MS4;^lU}R+H0nbZt4Lm3xfW z^liLLd&fDp0v|Y54zMHt;?Q zh(NV!Oq^J;ojB@ZfFogIm*;|rK6}uky3pNIh&m&+xO144eKw3QqTrvDdEA@xDEbB? lh{YUDksJIFx*Rc*Zj@Tr5X~rkE5LM_om_RJ{&8A$_D4Nk=q>;N literal 0 HcmV?d00001