diff --git a/.gitattributes b/.gitattributes old mode 100755 new mode 100644 diff --git a/.gitignore b/.gitignore old mode 100755 new mode 100644 diff --git a/configuration.nix b/configuration.nix index 7f87533..5a4cde4 100644 --- a/configuration.nix +++ b/configuration.nix @@ -43,7 +43,11 @@ ./system-modules/nx2site.nix ./system-modules/postgres.nix ./system-modules/nx2site/proxy.nix + ./system-modules/calendar-publish.nix + ./system-modules/calendar-lec.nix + ./system-modules/nx2site/audiobookshelf.nix ./system-modules/nx2site/gitea.nix + ./system-modules/nx2site/open-web-calendar.nix ./system-modules/nx2site/radicale.nix # ./system-modules/nx2site/nextcloud.nix ./system-modules/nx2site/vaultwarden.nix @@ -121,6 +125,9 @@ xwayland.enable = true; }; + systemd.extraConfig = "DefaultLimitNOFILE=2048"; + boot.tmp.useTmpfs = false; + system.stateVersion = "24.11"; nixpkgs.config.allowUnfree = true; diff --git a/flake-modules/colors.json b/flake-modules/colors.json index 7421d63..bf6fbec 100644 --- a/flake-modules/colors.json +++ b/flake-modules/colors.json @@ -1,13 +1,13 @@ { "base": { - "foreground": "#eedce2", - "background": "#221016" + "foreground": "#dddddd", + "background": "#000000" }, "to_alter": { - "accent": "#ac5271", - "secondary": "#f20c5b", - "tertiary": "#d5a287", - "special": "#51ac8d", - "weird": "#0cf2a3" + "accent": "#8888ff", + "secondary": "#4444ff", + "tertiary": "#44ff88", + "special": "#ff6666", + "weird": "#ff66ff" } -} \ No newline at end of file +} diff --git a/git-crypt/easyroam-hsmw/easyroam_client_cert.pem b/git-crypt/easyroam-hsmw/easyroam_client_cert.pem old mode 100755 new mode 100644 diff --git a/git-crypt/easyroam-hsmw/easyroam_client_key.pem b/git-crypt/easyroam-hsmw/easyroam_client_key.pem old mode 100755 new mode 100644 diff --git a/git-crypt/easyroam-hsmw/easyroam_root_ca.pem b/git-crypt/easyroam-hsmw/easyroam_root_ca.pem old mode 100755 new mode 100644 diff --git a/git-crypt/pnx-vpn/ljk-pnx-ca.pem b/git-crypt/pnx-vpn/ljk-pnx-ca.pem old mode 100755 new mode 100644 diff --git a/git-crypt/pnx-vpn/ljk-pnx-cert.key b/git-crypt/pnx-vpn/ljk-pnx-cert.key old mode 100755 new mode 100644 diff --git a/git-crypt/pnx-vpn/ljk-pnx-cert.pem b/git-crypt/pnx-vpn/ljk-pnx-cert.pem old mode 100755 new mode 100644 diff --git a/git-crypt/pnx-vpn/ljk-pnx.ovpn b/git-crypt/pnx-vpn/ljk-pnx.ovpn old mode 100755 new mode 100644 diff --git a/git-crypt/secrets.nix b/git-crypt/secrets.nix old mode 100755 new mode 100644 index d500f2e..c616a1e Binary files a/git-crypt/secrets.nix and b/git-crypt/secrets.nix differ diff --git a/git-crypt/vpn-hsmw/USERTrust-ECC-Certification-Authority.pem b/git-crypt/vpn-hsmw/USERTrust-ECC-Certification-Authority.pem old mode 100755 new mode 100644 diff --git a/git-crypt/vpn-hsmw/USERTrust-RSA-Certification-Authority.pem b/git-crypt/vpn-hsmw/USERTrust-RSA-Certification-Authority.pem old mode 100755 new mode 100644 diff --git a/home-modules/assets/pnx/pnx_rdp_srv-phoe3-vmdms_192-168-1-104.remmina b/home-modules/assets/pnx/pnx_rdp_srv-phoe3-vmdms_192-168-1-104.remmina old mode 100755 new mode 100644 diff --git a/home-modules/assets/pnx/pnx_rdp_srv-phoenix-3_192-168-1-108.remmina b/home-modules/assets/pnx/pnx_rdp_srv-phoenix-3_192-168-1-108.remmina old mode 100755 new mode 100644 diff --git a/home-modules/assets/pnx/pnx_rdp_srv-phoenix2_192-168-1-101.remmina b/home-modules/assets/pnx/pnx_rdp_srv-phoenix2_192-168-1-101.remmina old mode 100755 new mode 100644 diff --git a/home-modules/assets/pnx/pnx_rdp_srv-remote_192-168-1-21.remmina b/home-modules/assets/pnx/pnx_rdp_srv-remote_192-168-1-21.remmina old mode 100755 new mode 100644 diff --git a/home-modules/bash.nix b/home-modules/bash.nix old mode 100755 new mode 100644 diff --git a/home-modules/bitwarden.nix b/home-modules/bitwarden.nix old mode 100755 new mode 100644 diff --git a/home-modules/calendar.nix b/home-modules/calendar.nix index 27069f5..c728d35 100644 --- a/home-modules/calendar.nix +++ b/home-modules/calendar.nix @@ -35,7 +35,7 @@ } { name = "LEC"; - url = "https://zlypher.github.io/lol-events/cal/league-of-legends-lec.ical"; + url = "https://${domain}/lec.ics"; color = "#A87000"; read-only = true; type = "ics"; diff --git a/home-modules/chatterino.nix b/home-modules/chatterino.nix old mode 100755 new mode 100644 diff --git a/home-modules/direnv.nix b/home-modules/direnv.nix old mode 100755 new mode 100644 diff --git a/home-modules/discord.nix b/home-modules/discord.nix old mode 100755 new mode 100644 diff --git a/home-modules/email.nix b/home-modules/email.nix old mode 100755 new mode 100644 diff --git a/home-modules/fish.nix b/home-modules/fish.nix old mode 100755 new mode 100644 diff --git a/home-modules/games.nix b/home-modules/games.nix old mode 100755 new mode 100644 diff --git a/home-modules/gestures.nix b/home-modules/gestures.nix old mode 100755 new mode 100644 diff --git a/home-modules/gimp.nix b/home-modules/gimp.nix old mode 100755 new mode 100644 diff --git a/home-modules/git.nix b/home-modules/git.nix old mode 100755 new mode 100644 diff --git a/home-modules/gtk.nix b/home-modules/gtk.nix old mode 100755 new mode 100644 diff --git a/home-modules/hyprland-autoname-workspaces.nix b/home-modules/hyprland-autoname-workspaces.nix old mode 100755 new mode 100644 diff --git a/home-modules/hyprland.nix b/home-modules/hyprland.nix old mode 100755 new mode 100644 diff --git a/home-modules/kitty.nix b/home-modules/kitty.nix old mode 100755 new mode 100644 diff --git a/home-modules/latex.nix b/home-modules/latex.nix old mode 100755 new mode 100644 diff --git a/home-modules/mako.nix b/home-modules/mako.nix old mode 100755 new mode 100644 diff --git a/home-modules/nh.nix b/home-modules/nh.nix old mode 100755 new mode 100644 diff --git a/home-modules/nx-gcal-event.nix b/home-modules/nx-gcal-event.nix old mode 100755 new mode 100644 diff --git a/home-modules/nx2site-backup.nix b/home-modules/nx2site-backup.nix new file mode 100644 index 0000000..44722b5 --- /dev/null +++ b/home-modules/nx2site-backup.nix @@ -0,0 +1,67 @@ +{ pkgs, ... }: +{ + home.packages = [ + (pkgs.writeShellApplication { + name = "nx_backup"; + runtimeInputs = [ ]; + text = let + web-root = "/var/nginx/webroot"; + gitea-backup = "/var/backup/gitea"; + postgres-backup = "/var/backup/postgresql"; + in /* bash */ '' + DIRECTORIES=( + "${web-root}" + "${gitea-backup}" + "${postgres-backup}" + ) + + NOW=$(date +%Y_%m_%d-%H_%M) + TEMP_BAK_DIR=$(mktemp -d) + TEMP_WORKING_DIR=$(mktemp -d) + ZIP_NAME="nx2site-backup-''${NOW}.zip" + ZIP_FILE="$TEMP_WORKING_DIR/$ZIP_NAME" + ENCRYPTED_NAME="''${ZIP_NAME}.asc" + ENCRYPTED_FILE="$TEMP_WORKING_DIR/$ENCRYPTED_NAME" + DESTINATION="/vault/$ENCRYPTED_NAME" + WEBROOT="${web-root}" + + echo "Fixing Permissions of Gitea dump" + sudo chmod -R g+r "${gitea-backup}" + + echo "Fixing Permissions of Postgres dump" + sudo chmod -R g+r "${postgres-backup}" + sudo chmod g+x "${postgres-backup}" + echo "Fixing Ownership of Postgres dump" + sudo chown -R postgres:postgres "${postgres-backup}" + + echo "Copying files to backup to tempoary directory $TEMP_BAK_DIR ..." + for DIR in "''${DIRECTORIES[@]}"; do + rsync -aR "$DIR" "$TEMP_BAK_DIR" + done + + # Create the zip file + echo "Adding files to $ZIP_NAME ..." + zip -qr "$ZIP_FILE" "$TEMP_BAK_DIR" + + # Encrypt the zip file using GPG + echo "Encryping file with gpg" + gpg -e -r gpg@nx2.site -o "$ENCRYPTED_FILE" "$ZIP_FILE" + + echo "Moving file to Destination $DESTINATION" + mv "$ENCRYPTED_FILE" "$DESTINATION" + + echo "Updating latest-bakup path in $WEBROOT" + echo "$DESTINATION" > "$WEBROOT/latest-backup" + + echo "Cleaning up tempoary files and directories" + rm -rf "$TEMP_BAK_DIR" "$TEMP_WORKING_DIR" "$ZIP_FILE" + + echo "Backup and encryption complete: $DESTINATION" + + echo "Space remaining:" + df -h | head -n 1 + df -h | grep -P "^/dev.+? " + ''; + }) + ]; +} diff --git a/home-modules/office.nix b/home-modules/office.nix old mode 100755 new mode 100644 diff --git a/home-modules/pnx.nix b/home-modules/pnx.nix old mode 100755 new mode 100644 diff --git a/home-modules/programming/python.nix b/home-modules/programming/python.nix old mode 100755 new mode 100644 diff --git a/home-modules/qt.nix b/home-modules/qt.nix old mode 100755 new mode 100644 diff --git a/home-modules/rofi.nix b/home-modules/rofi.nix old mode 100755 new mode 100644 diff --git a/home-modules/ssh.nix b/home-modules/ssh.nix old mode 100755 new mode 100644 diff --git a/home-modules/starship.nix b/home-modules/starship.nix old mode 100755 new mode 100644 diff --git a/home-modules/tts.nix b/home-modules/tts.nix old mode 100755 new mode 100644 diff --git a/home-modules/virt-manager.nix b/home-modules/virt-manager.nix old mode 100755 new mode 100644 diff --git a/home-modules/vscode.nix b/home-modules/vscode.nix old mode 100755 new mode 100644 diff --git a/home-modules/waybar.nix b/home-modules/waybar.nix old mode 100755 new mode 100644 diff --git a/home-modules/wlogout.nix b/home-modules/wlogout.nix old mode 100755 new mode 100644 diff --git a/home-modules/yazi.nix b/home-modules/yazi.nix old mode 100755 new mode 100644 diff --git a/home-modules/zoxide.nix b/home-modules/zoxide.nix old mode 100755 new mode 100644 diff --git a/home.nix b/home.nix index bd96a8f..a2f6144 100644 --- a/home.nix +++ b/home.nix @@ -1,4 +1,4 @@ -{ pkgs, pkgs-unstable, host, user, inputs, ... }: +{ pkgs, pkgs-unstable, lib, host, user, inputs, ... }: { imports = [ ./home-modules/auto-mount.nix @@ -31,7 +31,6 @@ ./home-modules/nh.nix ./home-modules/nixd.nix ./home-modules/nvidia.nix - ./home-modules/nx2site.nix ./home-modules/nxgs.nix # ./home-modules/nx-gcal-event.nix ./home-modules/obs.nix @@ -62,7 +61,10 @@ ./home-modules/yazi.nix ./home-modules/zathura.nix ./home-modules/zoxide.nix - ]; + ] ++ (if (host == "NxACE") then [ + ./home-modules/nx2site.nix + ./home-modules/nx2site-backup.nix + ] else []); home.username = user; home.homeDirectory = "/home/${user}"; home.stateVersion = "24.05"; @@ -98,7 +100,10 @@ qbittorrent glib + pv gsettings-desktop-schemas + + yt-dlp wl-clipboard xclip xournal diff --git a/nxlib/ricelib.nix b/nxlib/ricelib.nix old mode 100755 new mode 100644 diff --git a/system-modules/boot.nix b/system-modules/boot.nix old mode 100755 new mode 100644 diff --git a/system-modules/calendar-lec.nix b/system-modules/calendar-lec.nix new file mode 100644 index 0000000..0fd5742 --- /dev/null +++ b/system-modules/calendar-lec.nix @@ -0,0 +1,97 @@ +{ config, pkgs, user, domain, ... }: +{ + systemd.timers."nx_cal_lec" = { + enable = true; + wantedBy = [ "timers.target" ]; + timerConfig = { + OnBootSec = "40m"; + OnUnitActiveSec = "24h"; + Unit = "nx_cal_lec.service"; + }; + }; + + systemd.services."nx_cal_lec" = { + script = let + nx_cal_lec = (pkgs.writers.writePython3Bin "nx_cal_lec" { + libraries = with pkgs.python3Packages; [ + ical + ics + requests + dateutils + ]; + flakeIgnore = [ "E302" "E305" "E226" "E501" ]; + } /*python */ '' +import hashlib +from ics import Calendar +import requests +from datetime import timedelta + +def get_event_hash(event): + """ + Generate a unique hash for an event based on its details. + """ + event_data = f"{event.name}{event.begin}{event.end}{event.description}" + return hashlib.md5(event_data.encode('utf-8')).hexdigest() + +def adjust_events(events): + """ + Adjust overlapping events to ensure they do not conflict. + """ + sorted_events = sorted(events, key=lambda e: e.begin) + for i in range(1, len(sorted_events)): + previous_event = sorted_events[i - 1] + current_event = sorted_events[i] + + if current_event.begin < previous_event.end: + # Adjust the start time of the current event to just after the previous event + current_event.begin = previous_event.end + timedelta(minutes=1) + print(f"Adjusted event '{current_event.name}' to start at {current_event.begin} and end at {current_event.end}") + return sorted_events + +def fetch_and_save_ical_events(ical_url, save_path): + """ + Fetch events from an iCal URL and save them as a single combined calendar. + """ + try: + # Fetch the iCal data + response = requests.get(ical_url) + response.raise_for_status() + + # Parse the iCal data + calendar = Calendar(response.text) + + # Adjust events + adjusted_events = adjust_events(list(calendar.events)) + + # Create a new combined calendar + combined_calendar = Calendar() + for event in adjusted_events: + combined_calendar.events.add(event) + + # Save the combined calendar to a single .ics file + with open(save_path, 'w') as file: + file.writelines(combined_calendar.serialize_iter()) + + print(f"Saved combined calendar to {save_path}") + + except requests.exceptions.RequestException as e: + print(f"Error fetching iCal data: {e}") + except Exception as e: + print(f"Error processing iCal data: {e}") + +if __name__ == "__main__": + # Replace with your iCal URL and target file path + ICAL_URL = "https://zlypher.github.io/lol-events/cal/league-of-legends-lec.ical" + SAVE_PATH = "${config.services.nginx.virtualHosts."${domain}".root}/lec.ics" + + fetch_and_save_ical_events(ICAL_URL, SAVE_PATH) +''); + in '' + ${nx_cal_lec}/bin/nx_cal_lec + ''; + serviceConfig = { + Type = "oneshot"; + User = "nx2"; + }; + }; +} diff --git a/system-modules/calendar-publish.nix b/system-modules/calendar-publish.nix new file mode 100644 index 0000000..c7b706f --- /dev/null +++ b/system-modules/calendar-publish.nix @@ -0,0 +1,138 @@ +{ config, pkgs, user, ... }: +{ + environment.systemPackages = with pkgs; let + radicale-root = "/var/lib/radicale"; + web-root = "/var/nginx/webroot"; + in [ + (writers.writePython3Bin "nx_cal_pub" { + libraries = with python3Packages; [ + ical + ics + requests + dateutils + ]; + flakeIgnore = [ "E302" "E305" "E226" "E501" ]; + } /*python */ '' +import pytz +import os +from ics import Calendar, Event +from ics.grammar.parse import ContentLine +from dateutil.rrule import rrulestr +from ics.event import datetime, timedelta + +def combine_ics_from_directories(directories, output_file): + """ + Combine all .ics events from a list of directories into one .ics file, supporting recurring events. + + :param directories: List of directories containing .ics files. + :param output_file: Path to the output .ics file. + """ + combined_calendar = Calendar() + + for directory in directories: + if not os.path.exists(directory): + print(f"Directory '{directory}' does not exist. Skipping.") + continue + + for filename in os.listdir(directory): + if filename.endswith(".ics"): + file_path = os.path.join(directory, filename) + try: + with open(file_path, 'r') as file: + calendar = Calendar(file.read()) + for event in calendar.events: + # Handle recurring events + rrule_line = None + for line in event.extra: + if isinstance(line, ContentLine) and line.name == "RRULE": + rrule_line = line + break + + if rrule_line: + # Convert UNTIL to UTC if DTSTART is timezone-aware + rrule_params = rrule_line.value.split(";") + rrule_dict = {} + for param in rrule_params: + key, value = param.split("=") + rrule_dict[key] = value + + if "UNTIL" in rrule_dict and event.begin.tzinfo: + until = datetime.fromisoformat(rrule_dict["UNTIL"]) + if until.tzinfo is None: # If UNTIL is naive, make it UTC + until = until.astimezone(pytz.UTC) + rrule_dict["UNTIL"] = until.astimezone(pytz.UTC).strftime("%Y%m%dT%H%M%SZ") + + # Reconstruct RRULE string + rrule_fixed = ";".join(f"{key}={value}" for key, value in rrule_dict.items()) + rrule = rrulestr(rrule_fixed, dtstart=event.begin.astimezone(pytz.timezone('CET'))) + + # Expand recurring events and filter based on the date + for occurrence in rrule: + notTooOld = occurrence.date() >= (datetime.now().astimezone(pytz.UTC) - timedelta(days=1)).date() + notTooFuturisic = occurrence.date() < (datetime.now().astimezone(pytz.UTC) + timedelta(days=60)).date() + if notTooOld and notTooFuturisic: + new_event = Event( + name="", + begin=occurrence, + end=occurrence + (event.end - event.begin), + transparent=event.transparent or True, + ) + combined_calendar.events.add(new_event) + else: + # Regular events, directly add if within date range + if event.begin.astimezone(pytz.timezone('CET')).date() >= (datetime.now().astimezone(pytz.timezone('CET')) - timedelta(days=1)).date(): + new_event = Event( + name="", + begin=event.begin, + end=event.end, + transparent=event.transparent or True, + ) + combined_calendar.events.add(new_event) + + except Exception as e: + print(f"Error reading file '{file_path}': {e}") + exit(1) + + try: + with open(output_file, 'w') as file: + file.writelines(combined_calendar.serialize_iter()) + print(f"Combined .ics file saved to '{output_file}'") + except Exception as e: + print(f"Error saving combined .ics file: {e}") + +if __name__ == "__main__": + # List of directories containing .ics files + DIRECTORIES = [ + "${radicale-root}/collections/collection-root/${user}/preservation", + "${radicale-root}/collections/collection-root/${user}/effort", + "${radicale-root}/collections/collection-root/${user}/experience", + "${radicale-root}/collections/collection-root/${user}/exposure", + "${radicale-root}/collections/collection-root/${user}/engagement", + ] + + # Path to the output .ics file + OUTPUT_FILE = "${web-root}/schedule.ics" + + combine_ics_from_directories(DIRECTORIES, OUTPUT_FILE) +'') + ]; + systemd.timers."nx_cal_publish" = { + enable = true; + wantedBy = [ "timers.target" ]; + timerConfig = { + OnBootSec = "2m"; + OnUnitActiveSec = "6h"; + Unit = "nx_cal_publish.service"; + }; + }; + + systemd.services."nx_cal_publish" = { + script = '' + nx_cal_publish + ''; + serviceConfig = { + Type = "oneshot"; + User = "nx2"; + }; + }; +} diff --git a/system-modules/davmail.nix b/system-modules/davmail.nix old mode 100755 new mode 100644 diff --git a/system-modules/dm.nix b/system-modules/dm.nix old mode 100755 new mode 100644 diff --git a/system-modules/docker.nix b/system-modules/docker.nix old mode 100755 new mode 100644 diff --git a/system-modules/fuse.nix b/system-modules/fuse.nix old mode 100755 new mode 100644 diff --git a/system-modules/hardware-configuration.nix b/system-modules/hardware-configuration.nix old mode 100755 new mode 100644 diff --git a/system-modules/health_reminder.nix b/system-modules/health_reminder.nix old mode 100755 new mode 100644 diff --git a/system-modules/hsmw.nix b/system-modules/hsmw.nix old mode 100755 new mode 100644 diff --git a/system-modules/networking.nix b/system-modules/networking.nix old mode 100755 new mode 100644 diff --git a/system-modules/nvidia.nix b/system-modules/nvidia.nix old mode 100755 new mode 100644 diff --git a/system-modules/nx2site/audiobookshelf.nix b/system-modules/nx2site/audiobookshelf.nix new file mode 100644 index 0000000..9efedf6 --- /dev/null +++ b/system-modules/nx2site/audiobookshelf.nix @@ -0,0 +1,14 @@ +{ pkgs, ... }: +{ + services = { + audiobookshelf = { + # authentication is mangaed imperatively in the web interface upon first start + enable = true; + # user = "audiobookshelf"; + # group = "audiobookshelf"; + # host = "127.0.0.1"; + port = 11648; # spells out audi(o) + package = pkgs.audiobookshelf; + }; + }; +} diff --git a/system-modules/nx2site/gitea.nix b/system-modules/nx2site/gitea.nix index 9226f4f..d6ea24e 100644 --- a/system-modules/nx2site/gitea.nix +++ b/system-modules/nx2site/gitea.nix @@ -41,7 +41,7 @@ let git-user = "git"; in dump = { enable = true; backupDir = "/var/backup/gitea"; - file = null; # default = chosen by gitea + file = "gitea-dump.zip"; # default = chosen by gitea interval = "daily"; type = "zip"; # default }; @@ -99,7 +99,7 @@ let git-user = "git"; in in { "gitea-theme" = /* bash */ '' mkdir -p ${config.services.gitea.stateDir}/custom/public/assets/css/ - ln -s ${theme}/theme-pitchblack.css ${config.services.gitea.stateDir}/custom/public/assets/css/theme-pitchblack.css + ln -fs ${theme}/theme-pitchblack.css ${config.services.gitea.stateDir}/custom/public/assets/css/theme-pitchblack.css chown -R ${git-user}:${git-user} ${config.services.gitea.stateDir}/custom/ ''; }; diff --git a/system-modules/nx2site/open-web-calendar.nix b/system-modules/nx2site/open-web-calendar.nix new file mode 100644 index 0000000..056f663 --- /dev/null +++ b/system-modules/nx2site/open-web-calendar.nix @@ -0,0 +1,15 @@ +{ pkgs, domain, ... }: +{ + services = { + open-web-calendar = { + enable = true; + domain = "cal.${domain}"; + package = pkgs.open-web-calendar; + settings = { + # PORT = 21342; + }; + calendarSettings = { + }; + }; + }; +} diff --git a/system-modules/nx2site/paperless.nix b/system-modules/nx2site/paperless.nix index 6985252..45e3157 100644 --- a/system-modules/nx2site/paperless.nix +++ b/system-modules/nx2site/paperless.nix @@ -1,4 +1,4 @@ -{ config, pkgs, secrets, user, domain, ... }: +{ pkgs, config, secrets, domain, user, ... }: let paperless-user = "paperless"; in { sops.secrets = { @@ -7,7 +7,10 @@ let paperless-user = "paperless"; in }; }; - users.users."${user}".extraGroups = [ paperless-user ]; + users.users = { + "${user}".extraGroups = [ paperless-user ]; + "${paperless-user}".extraGroups = [ "redis-paperless" ]; + }; services = { postgresql = { @@ -19,178 +22,181 @@ let paperless-user = "paperless"; in }; paperless = { enable = true; - address = "127.0.0.1"; + # address = "0.0.0.0"; port = 8441; user = paperless-user; consumptionDirIsPublic = true; # package = pkgs.paperless-ngx; # dataDir = "/var/lib/paperless"; # default - # address = "127.0.0.1"; + address = "127.0.0.1"; # mediaDir = "${dataDir}/media"; passwordFile = config.sops.secrets."nx2site/paperless.pw".path; # consumptionDir = "${dataDir}/consume"; # consumptionDirIsPublic = false; # openMPThreadingWorkaround = true; settings = { - # PAPERLESS_REDIS = "redis://localhost:6379"; - # PAPERLESS_REDIS_PREFIX="" - - PAPERLESS_DBENGINE = "postgresql"; - # PAPERLESS_DBHOST = "/run/postgresql"; # config.services.postgresql.settings.listen_addresses; - # PAPERLESS_DBPORT = config.services.postgresql.settings.port; - PAPERLESS_DBNAME = paperless-user; - PAPERLESS_DBUSER = paperless-user; - PAPERLESS_DBPASS = secrets.nx2site.paperless.PAPERLESS_DBPASS; - # PAPERLESS_DBSSLMODE= - # PAPERLESS_DBSSLROOTCERT=null; # unset, using the documented path in the home directory. - # PAPERLESS_DBSSLCERT=null; # unset, using the documented path in the home directory. - # PAPERLESS_DBSSLKEY=null; # unset, using the documented path in the home directory. - # PAPERLESS_DB_TIMEOUT=null; # unset, keeping the Django defaults. - # PAPERLESS_TIKA_ENABLED=false - # PAPERLESS_TIKA_ENDPOINT="http://localhost:9998". - # PAPERLESS_TIKA_GOTENBERG_ENDPOINT="http://localhost:3000". - PAPERLESS_CONSUMPTION_DIR = "${config.services.paperless.dataDir}/consume/"; - # PAPERLESS_DATA_DIR = "${config.services.paperless.dataDir}/data/"; - PAPERLESS_EMPTY_TRASH_DIR ="${config.services.paperless.dataDir}/trash/"; # null = really delete files - # PAPERLESS_MEDIA_ROOT = "${config.services.paperless.dataDir}/media/"; - # PAPERLESS_STATICDIR = "${config.services.paperless.dataDir}/static/"; - # PAPERLESS_FILENAME_FORMAT= - # PAPERLESS_FILENAME_FORMAT_REMOVE_NONE= - # PAPERLESS_LOGGING_DIR = "${config.services.paperless.dataDir}/log/"; - # PAPERLESS_NLTK_DIR = - # PAPERLESS_MODEL_FILE= PAPERLESS_DATA_DIR/classification_model.pickle. - # PAPERLESS_LOGROTATE_MAX_SIZE= 1 MiB. - # PAPERLESS_LOGROTATE_MAX_BACKUPS= 20. - # PAPERLESS_SECRET_KEY= - # PAPERLESS_URL="" # empty string, leaving the other settings unaffected. - # PAPERLESS_CSRF_TRUSTED_ORIGINS= - # PAPERLESS_ALLOWED_HOSTS= - # PAPERLESS_CORS_ALLOWED_HOSTS= - # PAPERLESS_TRUSTED_PROXIES= - # PAPERLESS_FORCE_SCRIPT_NAME= - # PAPERLESS_STATIC_URL= "/static/". - # PAPERLESS_AUTO_LOGIN_USERNAME=null; - PAPERLESS_ADMIN_USER="${user}"; - PAPERLESS_ADMIN_MAIL=secrets.email.gmail-online.mail; - # PAPERLESS_ADMIN_PASSWORD=; - # PAPERLESS_COOKIE_PREFIX= - # PAPERLESS_ENABLE_HTTP_REMOTE_USER= - # PAPERLESS_ENABLE_HTTP_REMOTE_USER_API= - # PAPERLESS_HTTP_REMOTE_USER_HEADER_NAME= - # PAPERLESS_LOGOUT_REDIRECT_URL="https://youtu.be/dMN-pjcchrE?si=EcFYvAnbXFkounYR"; - # PAPERLESS_USE_X_FORWARD_HOST= false - # PAPERLESS_USE_X_FORWARD_PORT= false - # PAPERLESS_PROXY_SSL_HEADER= null - # PAPERLESS_EMAIL_CERTIFICATE_LOCATION = null; - # PAPERLESS_SOCIALACCOUNT_PROVIDERS=; - # PAPERLESS_SOCIAL_AUTO_SIGNUP = false; - # PAPERLESS_SOCIALACCOUNT_ALLOW_SIGNUPS= True - # PAPERLESS_ACCOUNT_ALLOW_SIGNUPS= False - # PAPERLESS_ACCOUNT_DEFAULT_HTTP_PROTOCOL= 'https' - # PAPERLESS_ACCOUNT_EMAIL_VERIFICATION= 'optional' - # PAPERLESS_DISABLE_REGULAR_LOGIN= False - # PAPERLESS_REDIRECT_LOGIN_TO_SSO= False - # PAPERLESS_ACCOUNT_SESSION_REMEMBER= True - # PAPERLESS_SESSION_COOKIE_AGE= 1209600; # (2 weeks) - PAPERLESS_OCR_LANGUAGE = "eng+deu"; - # PAPERLESS_OCR_MODE= "skip"; - # PAPERLESS_OCR_SKIP_ARCHIVE_FILE= - # PAPERLESS_OCR_CLEAN= clean. - # PAPERLESS_OCR_DESKEW = true; # which enables this feature. - # PAPERLESS_OCR_ROTATE_PAGES = true; # which enables this feature. - # PAPERLESS_OCR_ROTATE_PAGES_THRESHOLD = "12"; - # PAPERLESS_OCR_OUTPUT_TYPE = "pdfa"; - # PAPERLESS_OCR_PAGES = null; - # PAPERLESS_OCR_IMAGE_DPI = null; - # PAPERLESS_OCR_MAX_IMAGE_PIXELS= - # PAPERLESS_OCR_COLOR_CONVERSION_STRATEGY= - PAPERLESS_OCR_USER_ARGS = { - optimize = 1; - pdfa_image_compression = "lossless"; - }; - # PAPERLESS_TASK_WORKERS= 1 - # PAPERLESS_THREADS_PER_WORKER= - # PAPERLESS_WORKER_TIMEOUT= - PAPERLESS_TIME_ZONE = "CET"; - # PAPERLESS_ENABLE_NLTK=1; - # PAPERLESS_EMAIL_TASK_CRON= */10 * * * * or every ten minutes. - # PAPERLESS_TRAIN_TASK_CRON= 5 */1 * * * or every hour at 5 minutes past the hour. - # PAPERLESS_INDEX_TASK_CRON= 0 0 * * * or daily at midnight. - # PAPERLESS_SANITY_TASK_CRON= 30 0 * * sun or Sunday at 30 minutes past midnight. - # PAPERLESS_ENABLE_COMPRESSION = 1; # enabling compression. - # PAPERLESS_CONVERT_MEMORY_LIMIT = 0; # which disables the limit. - # PAPERLESS_CONVERT_TMPDIR = - # PAPERLESS_APPS = null; - # PAPERLESS_MAX_IMAGE_PIXELS = null; - # PAPERLESS_CONSUMER_DELETE_DUPLICATES= false. - # PAPERLESS_CONSUMER_RECURSIVE= false. - # PAPERLESS_CONSUMER_SUBDIRS_AS_TAGS= false. - PAPERLESS_CONSUMER_IGNORE_PATTERNS = [ - ".DS_Store" - ".DS_STORE" - "._*" - ".stfolder/*" - ".stversions/*" - ".localized/*" - "desktop.ini" - "@eaDir/*" - "Thumbs.db" - ]; - # PAPERLESS_CONSUMER_BARCODE_SCANNER= - # PAPERLESS_PRE_CONSUME_SCRIPT= - # PAPERLESS_POST_CONSUME_SCRIPT= - # PAPERLESS_FILENAME_DATE_ORDER= none, which disables this feature. - # PAPERLESS_NUMBER_OF_SUGGESTED_DATES= 3. Set to 0 to disable this feature. - # PAPERLESS_THUMBNAIL_FONT_NAME= /usr/share/fonts/liberation/LiberationSerif-Regular.ttf. - # PAPERLESS_IGNORE_DATES=""; - # PAPERLESS_DATE_ORDER = "DMY"; - # PAPERLESS_ENABLE_GPG_DECRYPTOR = false; - # PAPERLESS_CONSUMER_POLLING = 0; # which disables polling and uses filesystem notifications. - # PAPERLESS_CONSUMER_POLLING_RETRY_COUNT = 5; - # PAPERLESS_CONSUMER_POLLING_DELAY = 5; - # PAPERLESS_CONSUMER_INOTIFY_DELAY= 0.5; # seconds. - # PAPERLESS_OAUTH_CALLBACK_BASE_URL = null; - # PAPERLESS_GMAIL_OAUTH_CLIENT_ID = null; - # PAPERLESS_GMAIL_OAUTH_CLIENT_SECRET = null; - # PAPERLESS_OUTLOOK_OAUTH_CLIENT_ID = null; - # PAPERLESS_OUTLOOK_OAUTH_CLIENT_SECRET = null; - # PAPERLESS_EMAIL_GNUPG_HOME= - # PAPERLESS_CONSUMER_ENABLE_BARCODES= - # PAPERLESS_CONSUMER_BARCODE_TIFF_SUPPORT= false. - # PAPERLESS_CONSUMER_BARCODE_STRING= "PATCHT" - # PAPERLESS_CONSUMER_BARCODE_RETAIN_SPLIT_PAGES= false. - # PAPERLESS_CONSUMER_ENABLE_ASN_BARCODE= false. - # PAPERLESS_CONSUMER_ASN_BARCODE_PREFIX= "ASN" - # PAPERLESS_CONSUMER_BARCODE_UPSCALE= 0.0 - # PAPERLESS_CONSUMER_BARCODE_DPI= "300" - # PAPERLESS_CONSUMER_BARCODE_MAX_PAGES= "0" - # PAPERLESS_CONSUMER_ENABLE_TAG_BARCODE= false. - # PAPERLESS_CONSUMER_TAG_BARCODE_MAPPING= - # PAPERLESS_AUDIT_LOG_ENABLED= true. - # PAPERLESS_CONSUMER_ENABLE_COLLATE_DOUBLE_SIDED= false. - # PAPERLESS_CONSUMER_COLLATE_DOUBLE_SIDED_SUBDIR_NAME= "double-sided". - # PAPERLESS_CONSUMER_COLLATE_DOUBLE_SIDED_TIFF_SUPPORT= false. - # PAPERLESS_EMPTY_TRASH_DELAY = 30; # days, minimum of 1 day. - # PAPERLESS_EMPTY_TRASH_TASK_CRON= 0 1 * * *, once per day. - # PAPERLESS_CONVERT_BINARY = "convert". - # PAPERLESS_GS_BINARY = "${pkgs.ghostscript}/bin/gs"; - # PAPERLESS_WEBSERVER_WORKERS= 1; - # PAPERLESS_BIND_ADDR= [::], meaning all interfaces, including IPv6. - # PAPERLESS_PORT = config.services.paperless.port; - # PAPERLESS_OCR_LANGUAGES= - # PAPERLESS_ENABLE_FLOWER= - # PAPERLESS_SUPERVISORD_WORKING_DIR= - # PAPERLESS_APP_TITLE = "NxPPL"; - # PAPERLESS_APP_LOGO = - # PAPERLESS_ENABLE_UPDATE_CHECK=false; - # PAPERLESS_EMAIL_HOST = "localhost"; - # PAPERLESS_EMAIL_PORT= 25. - # PAPERLESS_EMAIL_HOST_USER= ""; - # PAPERLESS_EMAIL_FROM= - # PAPERLESS_EMAIL_HOST_PASSWORD = "". - # PAPERLESS_EMAIL_USE_TLS = false. - # PAPERLESS_EMAIL_USE_SSL = false. + # PAPERLESS_REDIS = "redis://localhost:6379"; + # PAPERLESS_REDIS_PREFIX="" + # PAPERLESS_DBENGINE = "postgresql"; + PAPERLESS_DBHOST = "/run/postgresql"; + # PAPERLESS_DBHOST = config.services.postgresql.settings.listen_addresses; + # PAPERLESS_DBPORT = config.services.postgresql.settings.port; + # PAPERLESS_DBNAME = paperless-user; + # PAPERLESS_DBUSER = paperless-user; + PAPERLESS_DBPASS = secrets.nx2site.paperless.PAPERLESS_DBPASS; + # PAPERLESS_DBSSLMODE= + # PAPERLESS_DBSSLROOTCERT=null; # unset, using the documented path in the home directory. + # PAPERLESS_DBSSLCERT=null; # unset, using the documented path in the home directory. + # PAPERLESS_DBSSLKEY=null; # unset, using the documented path in the home directory. + # PAPERLESS_DB_TIMEOUT=null; # unset, keeping the Django defaults. + # PAPERLESS_TIKA_ENABLED=false + # PAPERLESS_TIKA_ENDPOINT="http://localhost:9998". + # PAPERLESS_TIKA_GOTENBERG_ENDPOINT="http://localhost:3000". + PAPERLESS_CONSUMPTION_DIR = "${config.services.paperless.dataDir}/consume/"; + # PAPERLESS_DATA_DIR = "${config.services.paperless.dataDir}/data/"; + # PAPERLESS_MEDIA_ROOT = "${config.services.paperless.dataDir}/media/"; + # PAPERLESS_STATICDIR = "${config.services.paperless.dataDir}/static/"; + # PAPERLESS_FILENAME_FORMAT= + # PAPERLESS_FILENAME_FORMAT_REMOVE_NONE= + # PAPERLESS_LOGGING_DIR = "${config.services.paperless.dataDir}/log/"; + # PAPERLESS_NLTK_DIR = + # PAPERLESS_MODEL_FILE= PAPERLESS_DATA_DIR/classification_model.pickle. + # PAPERLESS_LOGROTATE_MAX_SIZE= 1 MiB. + # PAPERLESS_LOGROTATE_MAX_BACKUPS= 20. + # PAPERLESS_SECRET_KEY= + PAPERLESS_URL = "https://doc.${domain}"; + # PAPERLESS_CSRF_TRUSTED_ORIGINS= + # PAPERLESS_ALLOWED_HOSTS= + # PAPERLESS_CORS_ALLOWED_HOSTS= + # PAPERLESS_TRUSTED_PROXIES= + # PAPERLESS_FORCE_SCRIPT_NAME= + # PAPERLESS_STATIC_URL= "/static/". + # PAPERLESS_AUTO_LOGIN_USERNAME=null; + # PAPERLESS_ADMIN_USER="${user}"; + # PAPERLESS_ADMIN_MAIL=secrets.email.gmail-online.mail; + # PAPERLESS_ADMIN_PASSWORD=; + # PAPERLESS_COOKIE_PREFIX= + # PAPERLESS_ENABLE_HTTP_REMOTE_USER= + # PAPERLESS_ENABLE_HTTP_REMOTE_USER_API= + # PAPERLESS_HTTP_REMOTE_USER_HEADER_NAME= + # PAPERLESS_LOGOUT_REDIRECT_URL="https://youtu.be/dMN-pjcchrE?si=EcFYvAnbXFkounYR"; + # PAPERLESS_USE_X_FORWARD_HOST= false + # PAPERLESS_USE_X_FORWARD_PORT= false + # PAPERLESS_PROXY_SSL_HEADER= null + # PAPERLESS_EMAIL_CERTIFICATE_LOCATION = null; + # PAPERLESS_SOCIALACCOUNT_PROVIDERS=; + # PAPERLESS_SOCIAL_AUTO_SIGNUP = false; + # PAPERLESS_SOCIALACCOUNT_ALLOW_SIGNUPS= True + # PAPERLESS_ACCOUNT_ALLOW_SIGNUPS= False + # PAPERLESS_ACCOUNT_DEFAULT_HTTP_PROTOCOL= 'https' + # PAPERLESS_ACCOUNT_EMAIL_VERIFICATION= 'optional' + # PAPERLESS_DISABLE_REGULAR_LOGIN= False + # PAPERLESS_REDIRECT_LOGIN_TO_SSO= False + # PAPERLESS_ACCOUNT_SESSION_REMEMBER= True + # PAPERLESS_SESSION_COOKIE_AGE= 1209600; # (2 weeks) + PAPERLESS_OCR_LANGUAGE = "eng+deu"; + # PAPERLESS_OCR_MODE= "skip"; + # PAPERLESS_OCR_SKIP_ARCHIVE_FILE= + # PAPERLESS_OCR_CLEAN= clean. + # PAPERLESS_OCR_DESKEW = true; # which enables this feature. + # PAPERLESS_OCR_ROTATE_PAGES = true; # which enables this feature. + # PAPERLESS_OCR_ROTATE_PAGES_THRESHOLD = "12"; + # PAPERLESS_OCR_OUTPUT_TYPE = "pdfa"; + # PAPERLESS_OCR_PAGES = null; + # PAPERLESS_OCR_IMAGE_DPI = null; + # PAPERLESS_OCR_MAX_IMAGE_PIXELS= + # PAPERLESS_OCR_COLOR_CONVERSION_STRATEGY= + PAPERLESS_OCR_USER_ARGS = { + optimize = 1; + pdfa_image_compression = "lossless"; + }; + # PAPERLESS_TASK_WORKERS= 1 + # PAPERLESS_THREADS_PER_WORKER= + # PAPERLESS_WORKER_TIMEOUT= + PAPERLESS_TIME_ZONE = "CET"; + # PAPERLESS_ENABLE_NLTK=1; + # PAPERLESS_EMAIL_TASK_CRON= */10 * * * * or every ten minutes. + # PAPERLESS_TRAIN_TASK_CRON= 5 */1 * * * or every hour at 5 minutes past the hour. + # PAPERLESS_INDEX_TASK_CRON= 0 0 * * * or daily at midnight. + # PAPERLESS_SANITY_TASK_CRON= 30 0 * * sun or Sunday at 30 minutes past midnight. + # PAPERLESS_ENABLE_COMPRESSION = 1; # enabling compression. + # PAPERLESS_CONVERT_MEMORY_LIMIT = 0; # which disables the limit. + # PAPERLESS_CONVERT_TMPDIR = + # PAPERLESS_APPS = null; + # PAPERLESS_MAX_IMAGE_PIXELS = null; + # PAPERLESS_CONSUMER_DELETE_DUPLICATES= false. + # PAPERLESS_CONSUMER_RECURSIVE= false. + # PAPERLESS_CONSUMER_SUBDIRS_AS_TAGS= false. + PAPERLESS_CONSUMER_IGNORE_PATTERNS = [ + ".DS_Store" + ".DS_STORE" + "._*" + ".stfolder/*" + ".stversions/*" + ".localized/*" + "desktop.ini" + "@eaDir/*" + "Thumbs.db" + ]; + # PAPERLESS_CONSUMER_BARCODE_SCANNER= + # PAPERLESS_PRE_CONSUME_SCRIPT= + # PAPERLESS_POST_CONSUME_SCRIPT= + # PAPERLESS_FILENAME_DATE_ORDER= none, which disables this feature. + # PAPERLESS_NUMBER_OF_SUGGESTED_DATES= 3. Set to 0 to disable this feature. + # PAPERLESS_THUMBNAIL_FONT_NAME= /usr/share/fonts/liberation/LiberationSerif-Regular.ttf. + # PAPERLESS_IGNORE_DATES=""; + # PAPERLESS_DATE_ORDER = "DMY"; + # PAPERLESS_ENABLE_GPG_DECRYPTOR = false; + # PAPERLESS_CONSUMER_POLLING = 0; # which disables polling and uses filesystem notifications. + # PAPERLESS_CONSUMER_POLLING_RETRY_COUNT = 5; + # PAPERLESS_CONSUMER_POLLING_DELAY = 5; + # PAPERLESS_CONSUMER_INOTIFY_DELAY= 0.5; # seconds. + # PAPERLESS_OAUTH_CALLBACK_BASE_URL = null; + # PAPERLESS_GMAIL_OAUTH_CLIENT_ID = null; + # PAPERLESS_GMAIL_OAUTH_CLIENT_SECRET = null; + # PAPERLESS_OUTLOOK_OAUTH_CLIENT_ID = null; + # PAPERLESS_OUTLOOK_OAUTH_CLIENT_SECRET = null; + # PAPERLESS_EMAIL_GNUPG_HOME= + # PAPERLESS_CONSUMER_ENABLE_BARCODES= + # PAPERLESS_CONSUMER_BARCODE_TIFF_SUPPORT= false. + # PAPERLESS_CONSUMER_BARCODE_STRING= "PATCHT" + # PAPERLESS_CONSUMER_BARCODE_RETAIN_SPLIT_PAGES= false. + # PAPERLESS_CONSUMER_ENABLE_ASN_BARCODE= false. + # PAPERLESS_CONSUMER_ASN_BARCODE_PREFIX= "ASN" + # PAPERLESS_CONSUMER_BARCODE_UPSCALE= 0.0 + # PAPERLESS_CONSUMER_BARCODE_DPI= "300" + # PAPERLESS_CONSUMER_BARCODE_MAX_PAGES= "0" + # PAPERLESS_CONSUMER_ENABLE_TAG_BARCODE= false. + # PAPERLESS_CONSUMER_TAG_BARCODE_MAPPING= + # PAPERLESS_AUDIT_LOG_ENABLED= true. + # PAPERLESS_CONSUMER_ENABLE_COLLATE_DOUBLE_SIDED= false. + # PAPERLESS_CONSUMER_COLLATE_DOUBLE_SIDED_SUBDIR_NAME= "double-sided". + # PAPERLESS_CONSUMER_COLLATE_DOUBLE_SIDED_TIFF_SUPPORT= false. + PAPERLESS_EMPTY_TRASH_DELAY = 30; # days, minimum of 1 day. + # PAPERLESS_EMPTY_TRASH_TASK_CRON= 0 1 * * *, once per day. + # PAPERLESS_CONVERT_BINARY = "convert". + PAPERLESS_GS_BINARY = "${pkgs.ghostscript}/bin/gs"; + # PAPERLESS_WEBSERVER_WORKERS= 1; + # PAPERLESS_BIND_ADDR= [::], meaning all interfaces, including IPv6. + # PAPERLESS_PORT = config.services.paperless.port; + # PAPERLESS_OCR_LANGUAGES= + # PAPERLESS_ENABLE_FLOWER= + # PAPERLESS_SUPERVISORD_WORKING_DIR= + PAPERLESS_APP_TITLE = "NxPPL"; + # PAPERLESS_APP_LOGO = + # PAPERLESS_ENABLE_UPDATE_CHECK=false; + # PAPERLESS_EMAIL_HOST = "localhost"; + # PAPERLESS_EMAIL_PORT= 25. + # PAPERLESS_EMAIL_HOST_USER= ""; + # PAPERLESS_EMAIL_FROM= + # PAPERLESS_EMAIL_HOST_PASSWORD = "". + # PAPERLESS_EMAIL_USE_TLS = false. + # PAPERLESS_EMAIL_USE_SSL = false. }; }; }; + systemd.services.paperless-web.after = [ "postgresql.service" ]; + systemd.services.paperless-task-queue.after = [ "postgresql.service" ]; + systemd.services.paperless-consumer.after = [ "postgresql.service" ]; + systemd.services.paperless-sceduler.after = [ "postgresql.service" ]; } diff --git a/system-modules/nx2site/proxy.nix b/system-modules/nx2site/proxy.nix index d961d1e..fe6b9cb 100644 --- a/system-modules/nx2site/proxy.nix +++ b/system-modules/nx2site/proxy.nix @@ -14,7 +14,7 @@ }; certs = { "${domain}" = { - extraDomainNames = builtins.map (subd: "${subd}.${domain}") [ "git" "pw" "sync" ]; + extraDomainNames = builtins.map (subd: "${subd}.${domain}") [ "sync" ]; }; }; }; @@ -140,9 +140,24 @@ listen = dl; locations = { "/" = { proxyPass = "http://127.0.0.1:5232"; }; }; }); - "nc.${domain}" = vh // { - # directly to nc + # "nc.${domain}" = vh // { + # # directly to nc + # }; + "abs.${domain}" = vh // { + listen = dl; + locations = { "/" = { + proxyPass = "http://127.0.0.1:${builtins.toString config.services.audiobookshelf.port}"; + proxyWebsockets = true; + }; }; }; + # is done atomatically + # "cal.${domain}" = vh // { + # listen = dl; + # locations = { "/" = { + # proxyPass = "http://unix:///run/open-web-calendar/socket"; + # proxyWebsockets = true; + # }; }; + # }; "~^(.*).${domain}$" = { listen = dl; root = "/var/nginx/webroot"; diff --git a/system-modules/nx2site/rallly.nix b/system-modules/nx2site/rallly.nix new file mode 100644 index 0000000..da4a9a5 --- /dev/null +++ b/system-modules/nx2site/rallly.nix @@ -0,0 +1,20 @@ +{ pkgs, ... }: +{ + environment.systemPackages = [ + (pkgs.mkYarnPackage { + name = "rallly"; + src = pkgs.fetchFromGitHub { + owner = "lukevella"; + repo = "rallly"; + rev = "v3.11.2"; + hash = "sha256-ej6Y0ouiheoH6dSBWsSIW6qt9UvsLh9ODDQA5Fqt3zs="; + }; + packageJson = ./package.json; + yarnLock = ./yarn.lock; + yarnNix = ./yarn.nix; + # patchPhase = /* shell */ '' + # cp ........ ? + # ''; + }) + ]; +} diff --git a/system-modules/ollama.nix b/system-modules/ollama.nix old mode 100755 new mode 100644 diff --git a/system-modules/postgres.nix b/system-modules/postgres.nix index 6ab4f63..39c3f15 100644 --- a/system-modules/postgres.nix +++ b/system-modules/postgres.nix @@ -26,6 +26,7 @@ ensureDatabases = [ "gitea" "vaultwarden" + "paperless" "nextcloud" ]; settings = { @@ -49,6 +50,10 @@ name = "nextcloud"; ensureDBOwnership = true; } + { + name = "paperless"; + ensureDBOwnership = true; + } ]; }; postgresqlBackup = { diff --git a/system-modules/sound.nix b/system-modules/sound.nix old mode 100755 new mode 100644 diff --git a/system-modules/users.nix b/system-modules/users.nix old mode 100755 new mode 100644 index d0083e2..aa67651 --- a/system-modules/users.nix +++ b/system-modules/users.nix @@ -23,6 +23,7 @@ "adbusers" "postgres" "radicale" + "audiobookshelf" "nextcloud" ]; useDefaultShell = true; diff --git a/system-modules/virtualisation.nix b/system-modules/virtualisation.nix old mode 100755 new mode 100644