working netbox

hosts/nixos/HandlerOne/default.nix

@@ -49,6 +49,7 @@
       "modules/services/trilium"
       "modules/services/fail2ban"
       "modules/services/ollama/nginx.nix" # Just host the nginx path back to Parzival
+      "modules/services/netbox"
     ])
   ];
 
@@ -121,6 +122,7 @@
       "matrix.wanderingcrow.net" = {};
       "ta.wanderingcrow.net" = {};
       "chat.wanderingcrow.net" = {};
+      "netbox.wanderingcrow.net" = {};
     };
   };
 }

modules/services/netbox/default.nix

@@ -1,19 +1,27 @@
 {
+  inputs,
   config,
   pkgs,
   ...
-}: {
+}: let
+  sopsFolder = builtins.toString inputs.nix-secrets + "/sops";
+in {
   users.users.nginx.extraGroups = ["netbox"];
 
-  sops.secrets."netbox/secret-key" = {};
+  sops.secrets."netbox/secret-key" = {
+    owner = "netbox";
+    sopsFile = "${sopsFolder}/shared.yaml";
+  };
 
   services.nginx = {
     enable = true;
     recommendedProxySettings = true; # otherwise you will get CSRF error while login
     virtualHosts."netbox.wanderingcrow.net" = {
+      forceSSL = true;
+      useACMEHost = "netbox.wanderingcrow.net";
       locations = {
         "/" = {
-          proxyPass = "/run/netbox/netbox.sock";
+          proxyPass = "http://${config.services.netbox.listenAddress}:${builtins.toString config.services.netbox.port}";
         };
         "/static/" = {alias = "${config.services.netbox.dataDir}/static/";};
       };
@@ -21,8 +29,10 @@
   };
 
   services.netbox = {
-    enabled = true;
+    enable = true;
-    unixSocket = "/run/netbox/netbox.sock";
+    package = pkgs.netbox;
+    listenAddress = "0.0.0.0";
+    port = 9099;
     secretKeyFile = config.sops.secrets."netbox/secret-key".path;
   };
 }