megamanmalte/nixos
0
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

feat(host/faunus-ater): replace mealie container with systemd service

Browse source
This commit is contained in:
Malte Tammena 2024-11-21 09:36:39 +01:00
parent 08063c780c
commit 3805e0c9a5
1 changed files with 10 additions and 20 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

30
hosts/faunus-ater/modules/mealie.nix
View file

@ -3,29 +3,17 @@
config, config,
... ...
}: { }: {
virtualisation.oci-containers.containers."mealie" = { services.mealie = {
image = "ghcr.io/mealie-recipes/mealie:v1.0.0-RC2"; enable = true;
ports = let port = builtins.toString config.state.services.eat.port; in ["${port}:${port}"]; listenAddress = "127.0.0.1";
environment = { port = config.state.services.eat.port;
PUID = builtins.toString config.users.users.mealie.uid; settings = {
PGID = builtins.toString config.users.groups.mealie.gid;
ALLOW_SIGNUP = "false"; ALLOW_SIGNUP = "false";
TZ = "Europe/Berlin"; TZ = "Europe/Berlin";
BASE_URL = "https://eat.tammena.me"; BASE_URL = "https://eat.tammena.me";
TOKEN_TIME = "8760"; TOKEN_TIME = "8760";
}; };
volumes = [
"/data/dirty/mealie:/app/data"
];
}; };
# Create user and group for the data
users.users.mealie = {
isSystemUser = true;
group = "mealie";
};
users.groups.mealie = {};
# Configure nginx reverse proxy # Configure nginx reverse proxy
services.nginx.virtualHosts."eat.tammena.me" = { services.nginx.virtualHosts."eat.tammena.me" = {
addSSL = true; addSSL = true;
@ -44,8 +32,10 @@
}; };
# Secrets # Secrets
sops.secrets."certificate-key-eat-tammena-me" = { sops.secrets = {
owner = config.users.users.nginx.name; "certificate-key-eat-tammena-me" = {
mode = "0400"; owner = config.users.users.nginx.name;
mode = "0400";
};
}; };
} }