73 lines
2 KiB
Nix
73 lines
2 KiB
Nix
{
|
|
config,
|
|
pkgs,
|
|
...
|
|
}: {
|
|
sops.secrets."ente/minio/root_password".owner = "ente";
|
|
sops.secrets."ente/minio/root_user".owner = "ente";
|
|
sops.secrets."service_accounts/ente/password".owner = "ente";
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
ente-cli
|
|
];
|
|
|
|
services.ente.api = {
|
|
enable = true;
|
|
enableLocalDB = true;
|
|
|
|
domain = "ente-museum.procopius.dk";
|
|
settings = {
|
|
# apps = {
|
|
# accounts = "https://accounts.procopius.dk";
|
|
# cast = "https://cast.procopius.dk";
|
|
# public-albums = "https://albums.procopius.dk";
|
|
# };
|
|
|
|
smtp = {
|
|
host = "mail.procopius.dk";
|
|
port = "465";
|
|
username = "ente@procopius.dk";
|
|
password._secret = config.sops.secrets."service_accounts/ente/password".path;
|
|
# The email address from which to send the email. Set this to an email
|
|
# address whose credentials you're providing.
|
|
email = "ente@procopius.dk";
|
|
# Optional override for the sender name in the emails. If specified, it will
|
|
# be used for all emails sent by the instance (default is email specific).
|
|
sender-name = "ente";
|
|
};
|
|
internal.admins = [
|
|
1580559962386438
|
|
];
|
|
s3 = {
|
|
use_path_style_urls = true;
|
|
b2-eu-cen = {
|
|
endpoint = "https://ente-minio-api.procopius.dk";
|
|
region = "us-east-1";
|
|
bucket = "ente";
|
|
key._secret = config.sops.secrets."ente/minio/root_user".path;
|
|
secret._secret = config.sops.secrets."ente/minio/root_password".path;
|
|
};
|
|
};
|
|
};
|
|
};
|
|
services.ente.web = {
|
|
enable = true;
|
|
domains = {
|
|
api = "ente-museum.procopius.dk";
|
|
accounts = "ente-accounts.procopius.dk";
|
|
albums = "ente-albums.procopius.dk";
|
|
cast = "ente-cast.procopius.dk";
|
|
photos = "ente-photos.procopius.dk";
|
|
auth = "ente-auth.procopius.dk";
|
|
};
|
|
};
|
|
|
|
networking.firewall.allowedTCPPorts = [
|
|
3000
|
|
3001
|
|
3002
|
|
3003
|
|
3004
|
|
8080
|
|
];
|
|
}
|