liv/nixos-config
1
0
Fork 0
mirror of https://github.com/Ahwxorg/nixos-config.git synced 2025-12-04 15:00:13 +01:00
Code Issues 1 Projects Releases Packages Wiki Activity Actions

feat: create module for atticd

Browse source
This commit is contained in:
Ahwx 2025-11-11 11:36:50 +01:00
parent 7fa7706d43
commit f47ac18dab
2 changed files with 54 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

52
modules/services/attic.nix Normal file
View file

@ -0,0 +1,52 @@
{ config, ... }:
{
services = {
atticd = {
enable = true;
# File containing the server token in the following format:
# ATTIC_SERVER_TOKEN_RS256_SECRET_BASE64=<...>
# You can generate the token by running the following command:
# openssl genrsa -traditional 4096 | base64 -w0
environmentFile = config.sops.secrets.atticdEnvironment.path;
settings = {
# Listen on some port. Replace it!
listen = "[::]:8060";
# The two lines below should be set to the URL where your Attic cache will be available.
allowed-hosts = [ "cache.liv.town" ];
# Apparently it's very important this ends in a "/"
api-endpoint = "https://cache.liv.town/";
jwt = { };
database = {
# I used Postgres here, but if you leave it empty
# it will use an in-memory SQLite DB instead.
# url = "postgresql://atticd@127.0.0.1/atticd";
# heartbeat = true;
};
storage = {
# You could also use S3 here. But nah lol shit's expensive.
type = "local";
# Leave this empty to use the default path,
# or change it to some path that Attic can write to.
path = "/mnt/nfs/violet/nix";
};
};
};
anubis.instances.atticd = {
settings = {
TARGET = "http://localhost:8060";
BIND = ":8061";
BIND_NETWORK = "tcp";
};
};
nginx.virtualHosts."cache.liv.town" = {
forceSSL = true;
sslCertificate = "/var/lib/acme/liv.town/cert.pem";
sslCertificateKey = "/var/lib/acme/liv.town/key.pem";
locations."/" = {
proxyPass = "http://localhost${toString config.services.anubis.instances.atticd.settings.BIND}";
proxyWebsockets = true;
};
};
};
}

2
modules/services/violet.nix
View file

@ -3,12 +3,14 @@
imports = imports =
[ (import ./invidious.nix) ] [ (import ./invidious.nix) ]
++ [ (import ./anubis.nix) ] ++ [ (import ./anubis.nix) ]
++ [ (import ./attic.nix) ]
++ [ (import ./borg.nix) ] ++ [ (import ./borg.nix) ]
++ [ (import ./binternet-proxy.nix) ] ++ [ (import ./binternet-proxy.nix) ]
++ [ (import ./bluemap-proxy.nix) ] ++ [ (import ./bluemap-proxy.nix) ]
++ [ (import ./docker.nix) ] ++ [ (import ./docker.nix) ]
++ [ (import ./email.nix) ] ++ [ (import ./email.nix) ]
++ [ (import ./forgejo.nix) ] ++ [ (import ./forgejo.nix) ]
# ++ [ (import ./funkwhale.nix) ]
++ [ (import ./grafana.nix) ] ++ [ (import ./grafana.nix) ]
++ [ (import ./guacamole.nix) ] ++ [ (import ./guacamole.nix) ]
++ [ (import ./gokapi.nix) ] ++ [ (import ./gokapi.nix) ]