diff options
-rw-r--r-- | krebs/3modules/tv/default.nix | 12 | ||||
-rw-r--r-- | makefu/2configs/home/tonie.nix | 68 |
2 files changed, 76 insertions, 4 deletions
diff --git a/krebs/3modules/tv/default.nix b/krebs/3modules/tv/default.nix index 92f1a5bcd..8d48c2a47 100644 --- a/krebs/3modules/tv/default.nix +++ b/krebs/3modules/tv/default.nix @@ -50,6 +50,7 @@ in { cPLMN0lWOZeDae/9SDT62l/YuETYQo6TxwIDAQAB -----END RSA PUBLIC KEY----- ''; + tinc.pubkey_ed25519 = "Td6pRkmSzSGVJll26rULdr6W4U87xsHZ/87NEaglW3K"; }; }; ssh.privkey.path = config.krebs.secret.file "ssh.id_rsa"; @@ -74,8 +75,7 @@ in { jjB+eZgXq5g81vc1116bA5yqcT2UNdOPWwIDAQAB -----END RSA PUBLIC KEY----- ''; - tinc.pubkey_ed25519 = - "Ed25519PublicKey = bfDtJbxusBdosE6dMED32Yc6ZeYI3RFyXryQr7heZpO"; + tinc.pubkey_ed25519 = "bfDtJbxusBdosE6dMED32Yc6ZeYI3RFyXryQr7heZpO"; }; }; secure = true; @@ -99,8 +99,7 @@ in { Brbw1bqZ3P+CGzvxVJZtirvR2f3HkidGPQIDAQAB -----END RSA PUBLIC KEY----- ''; - tinc.pubkey_ed25519 = - "Ed25519PublicKey = PV8Dz9ni2cPXyJGiG5oU0XWdJkUPgrMzDuzHj7kpMzO"; + tinc.pubkey_ed25519 = "PV8Dz9ni2cPXyJGiG5oU0XWdJkUPgrMzDuzHj7kpMzO"; }; }; secure = true; @@ -126,6 +125,7 @@ in { FK6BsssQWdwiEWpv6xIl1Fi+s7F0riq2cwIDAQAB -----END RSA PUBLIC KEY----- ''; + tinc.pubkey_ed25519 = "cEf/Kq/2Fo70yoIcVmhIp4it9eA7L3GdkgrVE9AWU6C"; }; }; ssh.privkey.path = config.krebs.secret.file "ssh.id_ed25519"; @@ -172,6 +172,7 @@ in { Mf00uin+7uMuKtnG6+1z5nKb/AWrqN1RZu0rnG/IkZPKwa19HYsYcOkCAwEAAQ== -----END RSA PUBLIC KEY----- ''; + tinc.pubkey_ed25519 = "nDuK96NlNhcxzlX7G30w/706RxItb+FhkFkz/VhUgCE"; }; wiregrill.wireguard.subnets = [ (krebs.genipv6 "wiregrill" "tv" 0).subnetCIDR @@ -199,6 +200,7 @@ in { Wi9sMB1AUR6mZrxgcgTFpUjbjbLQf+36CwIDAQAB -----END RSA PUBLIC KEY----- ''; + tinc.pubkey_ed25519 = "sBevGkYkcNKd39yf/Mp0whnsWIJfTGxSU1lbqN305nP"; }; }; secure = true; @@ -225,6 +227,7 @@ in { AFGCrMIov3F0GIeu3nDlrTIZPZDTodbFKQIDAQAB -----END RSA PUBLIC KEY----- ''; + tinc.pubkey_ed25519 = "urVOEGxTkBedkpszPH0XRCRMk+Fc2U9IneYMFDqGoIB"; }; }; secure = true; @@ -284,6 +287,7 @@ in { 4o+9nGJPuzb9bpMVRaVGtKXd39jwY7mbqwIDAQAB -----END RSA PUBLIC KEY----- ''; + tinc.pubkey_ed25519 = "xYgYM9rXS73RFKUHF3ekQWhcWzuBLOPYG2bimhpH2pM"; }; }; secure = true; diff --git a/makefu/2configs/home/tonie.nix b/makefu/2configs/home/tonie.nix new file mode 100644 index 000000000..959e48e8b --- /dev/null +++ b/makefu/2configs/home/tonie.nix @@ -0,0 +1,68 @@ +{ config, pkgs, lib, ... }: +let + backend_port = 30005; + #host = config.networking.hostName; + ident = 998; + user = "${toString ident}:${toString ident}"; + #backend_host = "tonie.lan"; + backend_host = "tonie.omo.r"; + frontend_port = 30006; + homedir = "/var/lib/tonies"; + albumdir = "${homedir}/albumart/"; + vueconfig = pkgs.writeText "vueconfig" '' + module.exports = { + devServer: { + disableHostCheck: true + }, + } + ''; + audiobookdir = "/media/cryptX/music/kinder_hoerspiele"; + # TONIE_AUDIO_MATCH_USER = username; + # TONIE_AUDIO_MATCH_PASS = password; + tonie-env = toString <secrets/tonie.env>; +in + { + systemd.tmpfiles.rules = [ + "d ${albumdir} 1750 toniebox toniebox -" + ]; + networking.firewall.allowedTCPPorts = [ frontend_port backend_port ]; + virtualisation.oci-containers.containers.toniebox-front = { + image = "makefoo/toniebox-audio-match_front:1.0.1"; + inherit user; + environment = { + VUE_APP_BACKEND_IS_LOCAL = "true"; + }; + ports = [ "${toString frontend_port}:8080" ]; + volumes = [ + "${albumdir}:/frontend/public/assets/covers" + "${vueconfig}:/frontend/vue.config.js" + ]; + }; + + users.users.toniebox = { + isSystemUser = true; + uid = ident; + home = homedir; + createHome = true; + group = "toniebox"; + }; + users.groups.toniebox.gid = ident; + + virtualisation.oci-containers.containers.toniebox-back = { + image = "makefoo/toniebox-audio-match_back:1.0.0"; + inherit user; + environmentFiles = [ tonie-env ]; + ports = [ "${toString backend_port}:5000" ]; + volumes = [ + "${albumdir}:/backend/assets/covers" + "${audiobookdir}:/backend/assets/audiobooks" + ]; + }; + services.nginx.virtualHosts."tonie" = { + serverAliases = [ "tonie.lan" "tonie.omo.r" backend_host ]; + locations."/".proxyPass = "http://localhost:${toString frontend_port}"; + locations."/upload".proxyPass = "http://localhost:${toString backend_port}"; + locations."/creativetonies".proxyPass = "http://localhost:${toString backend_port}"; + locations."/audiobooks".proxyPass = "http://localhost:${toString backend_port}"; + }; +} |