fix(garage): Fixed rpc secret path
This commit is contained in:
parent
36f1a44253
commit
0a9a7d0d02
4 changed files with 76 additions and 1 deletions
18
services/authelia/configuration.yml
Normal file
18
services/authelia/configuration.yml
Normal file
|
@ -0,0 +1,18 @@
|
|||
theme: 'auto'
|
||||
|
||||
access_control:
|
||||
default_policy: deny
|
||||
rules:
|
||||
- domain: '*.gasdev.fr'
|
||||
policy: one_factor
|
||||
server:
|
||||
endpoints:
|
||||
authz:
|
||||
forward-auth:
|
||||
implementation: 'ForwardAuth'
|
||||
session:
|
||||
cookies:
|
||||
- domain: 'gasdev.fr'
|
||||
authelia_url: 'https://auth.gasdev.fr'
|
||||
default_redirection_url: 'https://www.example.com'
|
||||
|
30
services/authelia/default.nix
Normal file
30
services/authelia/default.nix
Normal file
|
@ -0,0 +1,30 @@
|
|||
{...}: {
|
||||
sops.secrets."authelia/JWT_SECRET".owner = "root";
|
||||
sops.secrets."authelia/SESSION_SECRET".owner = "root";
|
||||
sops.secrets."authelia/STORAGE_PASSWORD".owner = "root";
|
||||
sops.secrets."authelia/STORAGE_ENCRYPTION_KEY".owner = "root";
|
||||
|
||||
services.caddy.virtualHosts."auth.gasdev.fr".extraConfig = ''
|
||||
reverse_proxy http://127.0.0.1:9091
|
||||
'';
|
||||
|
||||
virtualisation.oci-containers.containers = {
|
||||
authelia = {
|
||||
image = "docker.io/authelia/authelia:latest";
|
||||
autoStart = true;
|
||||
ports = ["127.0.0.1:9091:9091"];
|
||||
environment = {
|
||||
AUTHELIA_IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET_FILE = "/secrets/JWT_SECRET";
|
||||
AUTHELIA_SESSION_SECRET_FILE = "/secrets/SESSION_SECRET";
|
||||
AUTHELIA_STORAGE_POSTGRES_PASSWORD_FILE = "/secrets/STORAGE_PASSWORD";
|
||||
AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE = "/secrets/STORAGE_ENCRYPTION_KEY";
|
||||
};
|
||||
volumes = [
|
||||
"/run/secrets/authelia:/secrets"
|
||||
"/etc/authelia/configuration.yml:/config/configuration.yml"
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
environment.etc."authelia/configuration.yml".text = builtins.readFile ./configuration.yml;
|
||||
}
|
|
@ -9,7 +9,7 @@ compression_level = 2
|
|||
|
||||
rpc_bind_addr = "[::]:3901"
|
||||
rpc_public_addr = "gasdev.fr:3901"
|
||||
rpc_secret_file = "/run/secrets/garage/rpc_secret"
|
||||
rpc_secret_file = "/run/secrets/garage/RPC_SECRET"
|
||||
|
||||
[s3_api]
|
||||
s3_region = "garage"
|
||||
|
|
27
services/i2p/default.nix
Normal file
27
services/i2p/default.nix
Normal file
|
@ -0,0 +1,27 @@
|
|||
{...}: {
|
||||
services.caddy.virtualHosts."console.i2p.gasdev.fr".extraConfig = ''
|
||||
reverse_proxy http://127.0.0.1:7657
|
||||
'';
|
||||
|
||||
services.caddy.virtualHosts."proxy.i2p.gasdev.fr".extraConfig = ''
|
||||
reverse_proxy http://127.0.0.1:7657
|
||||
'';
|
||||
|
||||
virtualisation.oci-containers.containers = {
|
||||
uptime-kuma = {
|
||||
image = "docker.io/geti2p/i2p";
|
||||
autoStart = true;
|
||||
environment = {
|
||||
JVM_XMX = "256m";
|
||||
};
|
||||
ports = [
|
||||
"4444:4444"
|
||||
"6668:6668"
|
||||
"7657:7657"
|
||||
"54321:12345"
|
||||
"54321:12345/udp"
|
||||
];
|
||||
volumes = ["i2phome:/i2p/.i2p" "i2ptorrents:/i2psnark"];
|
||||
};
|
||||
};
|
||||
}
|
Loading…
Reference in a new issue