diff --git a/machines/genepi/configuration.nix b/machines/genepi/configuration.nix index f6db410..a6c2074 100644 --- a/machines/genepi/configuration.nix +++ b/machines/genepi/configuration.nix @@ -16,6 +16,7 @@ ./mpd.nix ./network.nix ./nginx.nix + ./pinchflat.nix ./syncthing.nix ./taskchampion.nix ./topology.nix diff --git a/machines/genepi/glance-config.nix b/machines/genepi/glance-config.nix index ec2432e..cfb09fa 100644 --- a/machines/genepi/glance-config.nix +++ b/machines/genepi/glance-config.nix @@ -69,6 +69,11 @@ url = "https://git.turifer.dev"; icon = "sh:gitea"; } + { + title = "Pinchflat"; + url = "https://pinchflat.home.rpqt.fr"; + icon = "sh:pinchflat"; + } ]; } ]; diff --git a/machines/genepi/pinchflat.nix b/machines/genepi/pinchflat.nix new file mode 100644 index 0000000..9d29657 --- /dev/null +++ b/machines/genepi/pinchflat.nix @@ -0,0 +1,31 @@ +{ + config, + pkgs, + ... +}: +{ + services.pinchflat = { + enable = true; + secretsFile = config.clan.core.vars.generators.pinchflat.files.env.path; + mediaDir = "/home/rpqt/Music"; + }; + + clan.core.vars.generators.pinchflat = { + files.env = { }; + runtimeInputs = [ + pkgs.coreutils + pkgs.openssl + ]; + script = '' + echo "$SECRET_KEY_BASE=$(openssl rand -hex 64)" > "$out"/env + ''; + }; + + clan.core.state.pinchflat.folders = [ "/var/lib/pinchflat" ]; + + services.nginx.virtualHosts."pinchflat.home.rpqt.fr" = { + forceSSL = true; + useACMEHost = "home.rpqt.fr"; + locations."/".proxyPass = "http://127.0.0.1:${builtins.toString config.services.pinchflat.port}"; + }; +} diff --git a/modules/unbound.nix b/modules/unbound.nix index a35dcdf..f1a26c8 100644 --- a/modules/unbound.nix +++ b/modules/unbound.nix @@ -13,6 +13,7 @@ let "glance" "grafana" "images" + "pinchflat" "rss" "tw" ];