summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--krebs/3modules/tv/default.nix12
-rw-r--r--makefu/2configs/home/tonie.nix68
2 files changed, 76 insertions, 4 deletions
diff --git a/krebs/3modules/tv/default.nix b/krebs/3modules/tv/default.nix
index 92f1a5bcd..8d48c2a47 100644
--- a/krebs/3modules/tv/default.nix
+++ b/krebs/3modules/tv/default.nix
@@ -50,6 +50,7 @@ in {
cPLMN0lWOZeDae/9SDT62l/YuETYQo6TxwIDAQAB
-----END RSA PUBLIC KEY-----
'';
+ tinc.pubkey_ed25519 = "Td6pRkmSzSGVJll26rULdr6W4U87xsHZ/87NEaglW3K";
};
};
ssh.privkey.path = config.krebs.secret.file "ssh.id_rsa";
@@ -74,8 +75,7 @@ in {
jjB+eZgXq5g81vc1116bA5yqcT2UNdOPWwIDAQAB
-----END RSA PUBLIC KEY-----
'';
- tinc.pubkey_ed25519 =
- "Ed25519PublicKey = bfDtJbxusBdosE6dMED32Yc6ZeYI3RFyXryQr7heZpO";
+ tinc.pubkey_ed25519 = "bfDtJbxusBdosE6dMED32Yc6ZeYI3RFyXryQr7heZpO";
};
};
secure = true;
@@ -99,8 +99,7 @@ in {
Brbw1bqZ3P+CGzvxVJZtirvR2f3HkidGPQIDAQAB
-----END RSA PUBLIC KEY-----
'';
- tinc.pubkey_ed25519 =
- "Ed25519PublicKey = PV8Dz9ni2cPXyJGiG5oU0XWdJkUPgrMzDuzHj7kpMzO";
+ tinc.pubkey_ed25519 = "PV8Dz9ni2cPXyJGiG5oU0XWdJkUPgrMzDuzHj7kpMzO";
};
};
secure = true;
@@ -126,6 +125,7 @@ in {
FK6BsssQWdwiEWpv6xIl1Fi+s7F0riq2cwIDAQAB
-----END RSA PUBLIC KEY-----
'';
+ tinc.pubkey_ed25519 = "cEf/Kq/2Fo70yoIcVmhIp4it9eA7L3GdkgrVE9AWU6C";
};
};
ssh.privkey.path = config.krebs.secret.file "ssh.id_ed25519";
@@ -172,6 +172,7 @@ in {
Mf00uin+7uMuKtnG6+1z5nKb/AWrqN1RZu0rnG/IkZPKwa19HYsYcOkCAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
+ tinc.pubkey_ed25519 = "nDuK96NlNhcxzlX7G30w/706RxItb+FhkFkz/VhUgCE";
};
wiregrill.wireguard.subnets = [
(krebs.genipv6 "wiregrill" "tv" 0).subnetCIDR
@@ -199,6 +200,7 @@ in {
Wi9sMB1AUR6mZrxgcgTFpUjbjbLQf+36CwIDAQAB
-----END RSA PUBLIC KEY-----
'';
+ tinc.pubkey_ed25519 = "sBevGkYkcNKd39yf/Mp0whnsWIJfTGxSU1lbqN305nP";
};
};
secure = true;
@@ -225,6 +227,7 @@ in {
AFGCrMIov3F0GIeu3nDlrTIZPZDTodbFKQIDAQAB
-----END RSA PUBLIC KEY-----
'';
+ tinc.pubkey_ed25519 = "urVOEGxTkBedkpszPH0XRCRMk+Fc2U9IneYMFDqGoIB";
};
};
secure = true;
@@ -284,6 +287,7 @@ in {
4o+9nGJPuzb9bpMVRaVGtKXd39jwY7mbqwIDAQAB
-----END RSA PUBLIC KEY-----
'';
+ tinc.pubkey_ed25519 = "xYgYM9rXS73RFKUHF3ekQWhcWzuBLOPYG2bimhpH2pM";
};
};
secure = true;
diff --git a/makefu/2configs/home/tonie.nix b/makefu/2configs/home/tonie.nix
new file mode 100644
index 000000000..959e48e8b
--- /dev/null
+++ b/makefu/2configs/home/tonie.nix
@@ -0,0 +1,68 @@
+{ config, pkgs, lib, ... }:
+let
+ backend_port = 30005;
+ #host = config.networking.hostName;
+ ident = 998;
+ user = "${toString ident}:${toString ident}";
+ #backend_host = "tonie.lan";
+ backend_host = "tonie.omo.r";
+ frontend_port = 30006;
+ homedir = "/var/lib/tonies";
+ albumdir = "${homedir}/albumart/";
+ vueconfig = pkgs.writeText "vueconfig" ''
+ module.exports = {
+ devServer: {
+ disableHostCheck: true
+ },
+ }
+ '';
+ audiobookdir = "/media/cryptX/music/kinder_hoerspiele";
+ # TONIE_AUDIO_MATCH_USER = username;
+ # TONIE_AUDIO_MATCH_PASS = password;
+ tonie-env = toString <secrets/tonie.env>;
+in
+ {
+ systemd.tmpfiles.rules = [
+ "d ${albumdir} 1750 toniebox toniebox -"
+ ];
+ networking.firewall.allowedTCPPorts = [ frontend_port backend_port ];
+ virtualisation.oci-containers.containers.toniebox-front = {
+ image = "makefoo/toniebox-audio-match_front:1.0.1";
+ inherit user;
+ environment = {
+ VUE_APP_BACKEND_IS_LOCAL = "true";
+ };
+ ports = [ "${toString frontend_port}:8080" ];
+ volumes = [
+ "${albumdir}:/frontend/public/assets/covers"
+ "${vueconfig}:/frontend/vue.config.js"
+ ];
+ };
+
+ users.users.toniebox = {
+ isSystemUser = true;
+ uid = ident;
+ home = homedir;
+ createHome = true;
+ group = "toniebox";
+ };
+ users.groups.toniebox.gid = ident;
+
+ virtualisation.oci-containers.containers.toniebox-back = {
+ image = "makefoo/toniebox-audio-match_back:1.0.0";
+ inherit user;
+ environmentFiles = [ tonie-env ];
+ ports = [ "${toString backend_port}:5000" ];
+ volumes = [
+ "${albumdir}:/backend/assets/covers"
+ "${audiobookdir}:/backend/assets/audiobooks"
+ ];
+ };
+ services.nginx.virtualHosts."tonie" = {
+ serverAliases = [ "tonie.lan" "tonie.omo.r" backend_host ];
+ locations."/".proxyPass = "http://localhost:${toString frontend_port}";
+ locations."/upload".proxyPass = "http://localhost:${toString backend_port}";
+ locations."/creativetonies".proxyPass = "http://localhost:${toString backend_port}";
+ locations."/audiobooks".proxyPass = "http://localhost:${toString backend_port}";
+ };
+}