diff --git a/hosts/nixos/HandlerOne/default.nix b/hosts/nixos/HandlerOne/default.nix index 21a1023..68fb170 100644 --- a/hosts/nixos/HandlerOne/default.nix +++ b/hosts/nixos/HandlerOne/default.nix @@ -41,7 +41,6 @@ # Quadlets "modules/quadlets" - "modules/quadlets/booklore" "modules/quadlets/frigate" "modules/quadlets/actualbudget" @@ -104,8 +103,9 @@ plugins = [ "github.com/greenpau/caddy-security@v1.1.31" "github.com/zhangjiayin/caddy-geoip2@v0.0.0-20251231005803-9e40d38250b4" + "github.com/mholt/caddy-l4@v0.1.0" ]; - hash = "sha256-keGRCjDebiibKoAiigAIIe7dygjULIDCLubfpuMpLHg="; + hash = "sha256-Y9JcT1sUy+PxTLXnzBeiKlNVmddjWQRv6yKJyfa5fVk="; }; environmentFile = config.sops.templates."caddyserver-env".path; logFormat = '' diff --git a/modules/quadlets/booklore/default.nix b/modules/quadlets/booklore/default.nix deleted file mode 100644 index ddd40fa..0000000 --- a/modules/quadlets/booklore/default.nix +++ /dev/null @@ -1,88 +0,0 @@ -{ - lib, - config, - inputs, - ... -}: -let - port = builtins.toString (lib.custom.autoport "booklore"); - volumePath = "/overseer/services"; - sopsFolder = inputs.nix-secrets + "/sops"; -in -{ - systemd.tmpfiles.rules = [ - "d ${volumePath}/booklore" - "d ${volumePath}/booklore/books" - "d ${volumePath}/booklore/bookdrop" - "d ${volumePath}/booklore/data" - "d ${volumePath}/booklore/database" - ]; - - sops.secrets = { - "booklore/db/root_pass" = { - sopsFile = "${sopsFolder}/services.yaml"; - }; - "booklore/db/pass" = { - sopsFile = "${sopsFolder}/services.yaml"; - }; - }; - - sops.templates."booklore-env".content = '' - MYSQL_ROOT_PASSWORD = ${config.sops.placeholder."booklore/db/root_pass"} - MYSQL_PASSWORD = ${config.sops.placeholder."booklore/db/pass"} - DATABASE_PASSWORD = ${config.sops.placeholder."booklore/db/pass"} - ''; - - services.caddy.virtualHosts."booklore.wanderingcrow.net".extraConfig = '' - reverse_proxy localhost:${port} - ''; - - virtualisation.quadlet = { - containers = { - booklore-web.containerConfig = { - image = "ghcr.io/booklore-app/booklore:v1.14.1"; - pod = config.virtualisation.quadlet.pods.booklore.ref; - environments = { - DATABASE_URL = "jdbc:mariadb://localhost:3306/booklore"; - DATABASE_USERNAME = "booklore"; - BOOKLORE_PORT = "6060"; - # FIXME: convert to secrets - DATABASE_PASSWORD = "changeme"; - }; - environmentFiles = [ - config.sops.templates."booklore-env".path - ]; - volumes = [ - "${volumePath}/booklore/books:/books" - "${volumePath}/booklore/bookdrop:/bookdrop" - "${volumePath}/booklore/data:/app/data" - ]; - }; - booklore-db.containerConfig = { - image = "lscr.io/linuxserver/mariadb:11.4.8"; - pod = config.virtualisation.quadlet.pods.booklore.ref; - environments = { - TZ = "Etc/UTC"; - PUID = "0"; - PGID = "0"; - MYSQL_USER = "booklore"; - MYSQL_DATABASE = "booklore"; - # FIXME: convert to secrets - MYSQL_ROOT_PASSWORD = "changeme"; - MYSQL_PASSWORD = "changeme"; - }; - environmentFiles = [ - config.sops.templates."booklore-env".path - ]; - volumes = [ - "${volumePath}/booklore/database:/config" - ]; - }; - }; - pods.booklore = { - podConfig.publishPorts = [ - "${port}:6060" - ]; - }; - }; -}