fix(garage): Fixed rpc secret path
parent
36f1a44253
commit
0a9a7d0d02
4 changed files with 76 additions and 1 deletions
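--- a/services/authelia/configuration.yml
+++ b/services/authelia/configuration.yml
@@ -0,0 +1,18 @@
+theme: 'auto'
+
+access_control:
+default_policy: deny
+rules:
+- domain: '*.gasdev.fr'
+policy: one_factor
+server:
+endpoints:
+authz:
+forward-auth:
+implementation: 'ForwardAuth'
+session:
+cookies:
+- domain: 'gasdev.fr'
+authelia_url: 'https://auth.gasdev.fr'
+default_redirection_url: 'https://www.example.com'
+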
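Review bot: `default_redirection_url` in the `session.cookies` entry still points at `https://www.example.com`, apparently a leftover sample value, so a user who signs in at `auth.gasdev.fr` without a target URL is sent to a third-party site; it should name a page under `gasdev.fr`, e.g. `default_redirection_url: 'https://<landing-host>.gasdev.fr'` (placeholder). The single access-control rule also puts every `*.gasdev.fr` host behind `policy: one_factor`; administrative hosts would be better covered by a more specific rule with `two_factor` placed above the wildcard, since the first matching rule applies. The file as added has no `authentication_backend`, `storage` or `notifier` section, which Authelia normally requires, so confirm they are supplied elsewhere.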
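--- a/services/authelia/default.nix
+++ b/services/authelia/default.nix
@@ -0,0 +1,30 @@
+{...}: {
+sops.secrets."authelia/JWT_SECRET".owner = "root";
+sops.secrets."authelia/SESSION_SECRET".owner = "root";
+sops.secrets."authelia/STORAGE_PASSWORD".owner = "root";
+sops.secrets."authelia/STORAGE_ENCRYPTION_KEY".owner = "root";
+
+services.caddy.virtualHosts."auth.gasdev.fr".extraConfig = ''
+reverse_proxy http://127.0.0.1:9091
+'';
+
+virtualisation.oci-containers.containers = {
+authelia = {
+image = "docker.io/authelia/authelia:latest";
+autoStart = true;
+ports = ["127.0.0.1:9091:9091"];
+environment = {
+AUTHELIA_IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET_FILE = "/secrets/JWT_SECRET";
+AUTHELIA_SESSION_SECRET_FILE = "/secrets/SESSION_SECRET";
+AUTHELIA_STORAGE_POSTGRES_PASSWORD_FILE = "/secrets/STORAGE_PASSWORD";
+AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE = "/secrets/STORAGE_ENCRYPTION_KEY";
+};
+volumes = [
+"/run/secrets/authelia:/secrets"
+"/etc/authelia/configuration.yml:/config/configuration.yml"
+];
+};
+};
+
+environment.etc."authelia/configuration.yml".text = builtins.readFile ./configuration.yml;
+}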
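Review bot: `image = "docker.io/authelia/authelia:latest"` leaves the authentication gateway on a floating tag, so any pull can change the code that guards every protected host without a change in this repository; pin a release and ideally a digest, e.g. `image = "docker.io/authelia/authelia:<version>@sha256:<digest>";` (placeholders). Both bind mounts in `volumes` are writable from inside the container although it only needs to read them, so `"/run/secrets/authelia:/secrets:ro"` and `"/etc/authelia/configuration.yml:/config/configuration.yml:ro"` would be safer. The four `sops.secrets` entries are owned by `root`, which only works while the container process reads them as root; worth confirming if the container is ever run as an unprivileged user.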
|
@ -9,7 +9,7 @@ compression_level = 2
|
||||||
|
|
||||||
rpc_bind_addr = "[::]:3901"
|
rpc_bind_addr = "[::]:3901"
|
||||||
rpc_public_addr = "gasdev.fr:3901"
|
rpc_public_addr = "gasdev.fr:3901"
|
||||||
rpc_secret_file = "/run/secrets/garage/rpc_secret"
|
rpc_secret_file = "/run/secrets/garage/RPC_SECRET"
|
||||||
|
|
||||||
[s3_api]
|
[s3_api]
|
||||||
s3_region = "garage"
|
s3_region = "garage"
|
||||||
|
|
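--- a/services/i2p/default.nix
+++ b/services/i2p/default.nix
@@ -0,0 +1,27 @@
+{...}: {
+services.caddy.virtualHosts."console.i2p.gasdev.fr".extraConfig = ''
+reverse_proxy http://127.0.0.1:7657
+'';
+
+services.caddy.virtualHosts."proxy.i2p.gasdev.fr".extraConfig = ''
+reverse_proxy http://127.0.0.1:7657
+'';
+
+virtualisation.oci-containers.containers = {
+uptime-kuma = {
+image = "docker.io/geti2p/i2p";
+autoStart = true;
+environment = {
+JVM_XMX = "256m";
+};
+ports = [
+"4444:4444"
+"6668:6668"
+"7657:7657"
+"54321:12345"
+"54321:12345/udp"
+];
+volumes = ["i2phome:/i2p/.i2p" "i2ptorrents:/i2psnark"];
+};
+};
+}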
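Review bot: The `ports` list publishes the I2P HTTP proxy (4444), the IRC tunnel (6668) and the router console (7657) on every host interface, so they are reachable without going through Caddy; the authelia container in this commit binds to loopback and these three should too, e.g. `"127.0.0.1:4444:4444"`, `"127.0.0.1:6668:6668"`, `"127.0.0.1:7657:7657"`. The `console.i2p.gasdev.fr` virtual host also proxies the router console with no `forward_auth` in front of it, and `proxy.i2p.gasdev.fr` points at the same port 7657, which looks like a copy-paste slip. The container attribute is still named `uptime-kuma` although it runs `geti2p/i2p`, so it may collide with or be mistaken for a real uptime-kuma definition; `i2p` would match the image. The image reference also carries no tag or digest, so the version that runs is whatever the registry serves at pull time.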