obsidian
This commit is contained in:
parent
e898c31de2
commit
00b7254d12
9 changed files with 107 additions and 45 deletions
|
|
@ -1 +1 @@
|
|||
flake-profile-9-link
|
||||
flake-profile-10-link
|
||||
1
.direnv/flake-profile-10-link
Symbolic link
1
.direnv/flake-profile-10-link
Symbolic link
|
|
@ -0,0 +1 @@
|
|||
/nix/store/cmsv2fznjjsyg9cj2yvkaccjj2iv4r9h-nix-shell-env
|
||||
|
|
@ -1 +0,0 @@
|
|||
/nix/store/k88yspmzczh2hz8assh7447skldwjdw7-nix-shell-env
|
||||
|
|
@ -4,6 +4,7 @@ _: {
|
|||
./databases.nix
|
||||
./matrix-synapse.nix
|
||||
./forgejo.nix
|
||||
./obsidian-sync.nix
|
||||
|
||||
./media
|
||||
./websites
|
||||
|
|
|
|||
|
|
@ -1,9 +1,8 @@
|
|||
{
|
||||
lib,
|
||||
pkgs,
|
||||
config,
|
||||
flakes,
|
||||
...
|
||||
{ lib
|
||||
, pkgs
|
||||
, config
|
||||
, flakes
|
||||
, ...
|
||||
}:
|
||||
let
|
||||
cfg = config.services.forgejo;
|
||||
|
|
@ -15,16 +14,23 @@ in
|
|||
key = "email_password";
|
||||
format = "yaml";
|
||||
};
|
||||
|
||||
users.groups.forgejo = { };
|
||||
users.users.forgejo = {
|
||||
users = {
|
||||
groups = {
|
||||
forgejo = { };
|
||||
forgejo-runner = { };
|
||||
};
|
||||
users.forgejo = {
|
||||
isSystemUser = true;
|
||||
group = "forgejo";
|
||||
extraGroups = [ "storage" ];
|
||||
};
|
||||
users.forgejo-runner = {
|
||||
isSystemUser = true;
|
||||
group = "forgejo-runner";
|
||||
};
|
||||
};
|
||||
|
||||
services.nginx = {
|
||||
virtualHosts."git.donsz.nl" = {
|
||||
services.nginx.virtualHosts."git.donsz.nl" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
extraConfig = ''
|
||||
|
|
@ -32,7 +38,6 @@ in
|
|||
'';
|
||||
locations."/".proxyPass = "http://[::1]:13121";
|
||||
};
|
||||
};
|
||||
|
||||
services.forgejo = {
|
||||
enable = true;
|
||||
|
|
@ -80,12 +85,6 @@ in
|
|||
mailerPasswordFile = config.sops.secrets.forgejo.path;
|
||||
};
|
||||
|
||||
users.groups.forgejo-runner = { };
|
||||
users.users.forgejo-runner = {
|
||||
isSystemUser = true;
|
||||
group = "forgejo-runner";
|
||||
};
|
||||
|
||||
sops.secrets.forgejo-runner = {
|
||||
sopsFile = ../../secrets/forgejo-runner.env;
|
||||
};
|
||||
|
|
|
|||
51
fili/services/obsidian-sync.nix
Normal file
51
fili/services/obsidian-sync.nix
Normal file
|
|
@ -0,0 +1,51 @@
|
|||
{ pkgs, config, ... }:
|
||||
let
|
||||
port = 5984;
|
||||
in
|
||||
{
|
||||
sops.secrets.obsidian-sync = {
|
||||
sopsFile = ../../secrets/obsidian-sync.ini;
|
||||
format = "ini";
|
||||
owner = "couchdb";
|
||||
};
|
||||
|
||||
services.couchdb = {
|
||||
enable = true;
|
||||
inherit port;
|
||||
package = pkgs.couchdb3;
|
||||
configFile = config.sops.secrets.obsidian-sync.path;
|
||||
|
||||
extraConfig = {
|
||||
chttpd = {
|
||||
require_valid_user = true;
|
||||
enable_cors = true;
|
||||
max_http_request_size = 4294967296;
|
||||
};
|
||||
|
||||
chttpd_auth.require_valid_user = true;
|
||||
httpd = {
|
||||
WWW-Authenticate = ''Basic realm="couchdb"'';
|
||||
enable_cors = true;
|
||||
};
|
||||
|
||||
couchdb.max_document_size = 50000000;
|
||||
|
||||
cors = {
|
||||
credentials = true;
|
||||
headers = "accept, authorization, content-type, origin, referer";
|
||||
methods = "GET,PUT,POST,HEAD,DELETE";
|
||||
max_age = 3600;
|
||||
origins = "app://obsidian.md,capacitor://localhost,http://localhost,https://localhost,capacitor://obsidian.donsz.nl,http://obsidian.donsz.nl,https://obsidian.donsz.nl";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
services.nginx.virtualHosts."obsidian.donsz.nl" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
extraConfig = ''
|
||||
client_max_body_size 512M;
|
||||
'';
|
||||
locations."/".proxyPass = "http://localhost:${toString port}";
|
||||
};
|
||||
}
|
||||
|
|
@ -11,7 +11,8 @@
|
|||
enableACME = true;
|
||||
|
||||
locations."/" = {
|
||||
proxyPass = "http://[::1]:3000";
|
||||
proxyPass = "http://localhost:3000";
|
||||
proxyWebsockets = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
|
@ -20,9 +21,9 @@
|
|||
description = "Review Queue";
|
||||
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "network.target" ]; # if networking is needed
|
||||
after = [ "network.target" ];
|
||||
|
||||
restartIfChanged = true; # set to false, if restarting is problematic
|
||||
restartIfChanged = true;
|
||||
|
||||
serviceConfig = {
|
||||
ExecStart = "${flakes.reviewqueue.packages.${pkgs.system}.default}/bin/reviewqueue";
|
||||
|
|
|
|||
26
flake.lock
generated
26
flake.lock
generated
|
|
@ -9,11 +9,11 @@
|
|||
"stable": "stable"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1749739748,
|
||||
"narHash": "sha256-csQQPoCA5iv+Nd9yCOCQNKflP7qUKEe7D27wsz+LPKM=",
|
||||
"lastModified": 1755272288,
|
||||
"narHash": "sha256-ypTPb2eKcOBbOoyvPV0j4ZOXs4kayo73/2KI456QnE0=",
|
||||
"owner": "zhaofengli",
|
||||
"repo": "colmena",
|
||||
"rev": "c61641b156dfa3e82fc0671e77fccf7d7ccfaa3b",
|
||||
"rev": "5bf4ce6a24adba74a5184f4a9bef01d545a09473",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -246,11 +246,11 @@
|
|||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1746461020,
|
||||
"narHash": "sha256-7+pG1I9jvxNlmln4YgnlW4o+w0TZX24k688mibiFDUE=",
|
||||
"lastModified": 1750134718,
|
||||
"narHash": "sha256-v263g4GbxXv87hMXMCpjkIxd/viIF7p3JpJrwgKdNiI=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "3730d8a308f94996a9ba7c7138ede69c1b9ac4ae",
|
||||
"rev": "9e83b64f727c88a7711a2c463a7b16eedb69a84c",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -342,11 +342,11 @@
|
|||
},
|
||||
"nixpkgs_5": {
|
||||
"locked": {
|
||||
"lastModified": 1751104741,
|
||||
"narHash": "sha256-xPlVbk6WlgTzDvWFRyzvXMdh/ZFLEOTCQik18wg5AFQ=",
|
||||
"lastModified": 1757345582,
|
||||
"narHash": "sha256-HnJYHM9zCVV5Avil6/IPw1m1s2vLd+fmFN7VR/UkidA=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "e6117712d8b930e3aa8cf77b4816a3f0a88b3637",
|
||||
"rev": "49a25608bff9b2add8edcee8ff92dda38909e671",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -491,16 +491,16 @@
|
|||
},
|
||||
"stable": {
|
||||
"locked": {
|
||||
"lastModified": 1746557022,
|
||||
"narHash": "sha256-QkNoyEf6TbaTW5UZYX0OkwIJ/ZMeKSSoOMnSDPQuol0=",
|
||||
"lastModified": 1750133334,
|
||||
"narHash": "sha256-urV51uWH7fVnhIvsZIELIYalMYsyr2FCalvlRTzqWRw=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "1d3aeb5a193b9ff13f63f4d9cc169fb88129f860",
|
||||
"rev": "36ab78dab7da2e4e27911007033713bab534187b",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "nixos-24.11",
|
||||
"ref": "nixos-25.05",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
|
|
|
|||
10
secrets/obsidian-sync.ini
Normal file
10
secrets/obsidian-sync.ini
Normal file
|
|
@ -0,0 +1,10 @@
|
|||
[admins]
|
||||
admin = ENC[AES256_GCM,data:9Wedypebky9mFblWKZZOZpDCBXA=,iv:XHUSlwWzka9I7VaOrbUdCVb975RhKUyT2MuQDZa9QwU=,tag:t9SgAbFywqrcvHPIFfqd5A==,type:str]
|
||||
|
||||
[sops]
|
||||
age__list_0__map_recipient = age1ygkcl4ss92z5ptzt3w5g4n98qx2c4kagyssm96m5z4c7t299c5wszjchxw
|
||||
age__list_0__map_enc = -----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2SThmQmdObUxLQlN0ZFVk\nTUJZVHdoUTNxbWtrd3ozWXFmV1l1VjJEUUdJCjdGUDZDcmZndHlEb2I4Y25kZ1NY\nSjRYY2k5Vy9vRU5xWlQrR1FYMGY4bGsKLS0tIDY3bVZnYmRiVk5oaE5JS0dveTlP\nM3hLV3R2UktOaXd0U3FUNHJPWUZBdjgKRVDf0DnRLwmHq7ykz4bElUFJQXORA3e2\nkc5y6RU2CF36y1WFk+nMlX/nB/FPSPWD9412Lm136CNrmM354orz6g==\n-----END AGE ENCRYPTED FILE-----\n
|
||||
lastmodified = 2025-09-08T22:59:22Z
|
||||
mac = ENC[AES256_GCM,data:X/FNnm3v9CrI1/HW6iNRV8icNXzDGWsLrxQkNvTePGV37nUpY3hzlgMJd21/TeZMCHkRdE/1zRPjyXNUrgSwDdtEZ3CLoq1AXMMHxILWiWGcA/pM1Rn/WVfmGexCwIjw0/0XHvk6jWCPAiUUNCVJALeqlNjPqzeQFqE6VJZyqPg=,iv:7Zd91r2jgi5EEJQeiWcf2vF5AtnxibGNhEqQUzim22g=,tag:REUNXGa77Q2khYWKR7Zasg==,type:str]
|
||||
unencrypted_suffix = _unencrypted
|
||||
version = 3.10.2
|
||||
Loading…
Add table
Add a link
Reference in a new issue