Compare commits
10 Commits
inex/test-
...
flakes
Author | SHA1 | Date |
---|---|---|
Alexander | 94d016e5f5 | |
Inex Code | 132b6724cd | |
Inex Code | 86182f0799 | |
Inex Code | ce3231774e | |
Inex Code | f8223192e5 | |
Alexander | 4c183d5b40 | |
Inex Code | 5e005dc436 | |
Inex Code | 6619760f47 | |
Inex Code | 3b4466b49d | |
Inex Code | 5d9c385d08 |
|
@ -1,4 +1,20 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
let
|
||||
redis-sp-api-srv-name = "sp-api";
|
||||
sp-print-api-token = pkgs.writeShellApplication {
|
||||
name = "sp-print-api-token";
|
||||
runtimeInputs = with pkgs; [ redis ];
|
||||
text = ''
|
||||
hash_token="$(redis-cli -s /run/redis-${redis-sp-api-srv-name}/redis.sock keys "token_repo:tokens:*" | head -n 1)"
|
||||
hash_token="''${hash_token#"token_repo:tokens:"}"
|
||||
|
||||
token="$(redis-cli -s /run/redis-${redis-sp-api-srv-name}/redis.sock HGETALL "token_repo:tokens:$hash_token")"
|
||||
token="$(echo "$token" | sed -n '2p')"
|
||||
|
||||
echo "$token"
|
||||
'';
|
||||
};
|
||||
in
|
||||
{
|
||||
imports = [
|
||||
./selfprivacy-module.nix
|
||||
|
@ -15,7 +31,7 @@
|
|||
|
||||
services.selfprivacy-api.enable = true;
|
||||
|
||||
services.redis.servers.sp-api = {
|
||||
services.redis.servers.${redis-sp-api-srv-name} = {
|
||||
enable = true;
|
||||
save = [
|
||||
[
|
||||
|
@ -68,6 +84,7 @@
|
|||
environment.systemPackages = with pkgs; [
|
||||
git
|
||||
jq
|
||||
sp-print-api-token
|
||||
];
|
||||
# consider environment.defaultPackages = lib.mkForce [];
|
||||
documentation.enable = false; # no {man,info}-pages & docs, etc to save space
|
||||
|
|
14
flake.lock
14
flake.lock
|
@ -2,11 +2,11 @@
|
|||
"nodes": {
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1709677081,
|
||||
"narHash": "sha256-tix36Y7u0rkn6mTm0lA45b45oab2cFLqAzDbJxeXS+c=",
|
||||
"lastModified": 1716361217,
|
||||
"narHash": "sha256-mzZDr00WUiUXVm1ujBVv6A0qRd8okaITyUp4ezYRgc4=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "880992dcc006a5e00dd0591446fdf723e6a51a64",
|
||||
"rev": "46397778ef1f73414b03ed553a3368f0e7e33c2f",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -28,11 +28,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1709843377,
|
||||
"narHash": "sha256-lQGd4xtKWsIlD5vVurrA/xtNYxYFGfLGyev4oOUeMmY=",
|
||||
"lastModified": 1716580438,
|
||||
"narHash": "sha256-wWKhCiRmjrFgnHUgcxBb2mtBy9uTrY93yxpMYh/wpVY=",
|
||||
"ref": "master",
|
||||
"rev": "1f1fcc223be4c6ae65eef1d50918aed0826e5ad1",
|
||||
"revCount": 1259,
|
||||
"rev": "4f1d44ce74432e745f0be3b192f8cc4ae06fd169",
|
||||
"revCount": 1304,
|
||||
"type": "git",
|
||||
"url": "https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api.git"
|
||||
},
|
||||
|
|
|
@ -9,12 +9,17 @@ let
|
|||
CLOUDFLARE_ZONE_API_TOKEN=$TOKEN
|
||||
CLOUDFLARE_POLLING_INTERVAL=30
|
||||
'';
|
||||
DESEC = "DESEC_TOKEN=$TOKEN";
|
||||
DESEC = ''
|
||||
DESEC_TOKEN=$TOKEN
|
||||
DESEC_POLLING_INTERVAL=30
|
||||
DESEC_PROPAGATION_TIMEOUT=180
|
||||
DESEC_TTL=3600
|
||||
'';
|
||||
};
|
||||
dnsCredentialsTemplate = dnsCredentialsTemplates.${cfg.dns.provider};
|
||||
acme-env-filepath = "/var/lib/selfprivacy/acme-env";
|
||||
secrets-filepath = "/etc/selfprivacy/secrets.json";
|
||||
dnsPropagationCheckExceptions = [ "DIGITALOCEAN" ];
|
||||
dnsPropagationCheckExceptions = [ "DIGITALOCEAN" "DESEC" ];
|
||||
in
|
||||
{
|
||||
users.groups.acmereceivers.members = [ "nginx" ];
|
||||
|
|
Loading…
Reference in New Issue