fix(garage): Fixed rpc secret path

GaspardCulis 2024-10-11 20:01:22 +02:00
parent 36f1a44253
commit 0a9a7d0d02
4 changed files with 76 additions and 1 deletions


@ -0,0 +1,18 @@
theme: 'auto'
access_control:
default_policy: deny
rules:
- domain: '*.gasdev.fr'
policy: one_factor
server:
endpoints:
authz:
forward-auth:
implementation: 'ForwardAuth'
session:
cookies:
- domain: 'gasdev.fr'
authelia_url: 'https://auth.gasdev.fr'
default_redirection_url: 'https://www.example.com'
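Review bot: `default_redirection_url` in the `session.cookies` entry is still the sample value `https://www.example.com`, which lies outside the `gasdev.fr` cookie domain; Authelia is expected to reject or misroute a redirect target that is not under the cookie domain, so point it at a real host, e.g. `default_redirection_url: 'https://<app>.gasdev.fr'` (placeholder). The single rule gives every `*.gasdev.fr` host `one_factor`; admin surfaces such as the I2P console added in this commit would be better served by a more specific `two_factor` rule placed above the wildcard. No `authentication_backend`, `storage` or `notifier` section is visible here although the container sets a Postgres password file, so unless those come from elsewhere the service will likely fail configuration validation at start.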


@ -0,0 +1,30 @@
{...}: {
sops.secrets."authelia/JWT_SECRET".owner = "root";
sops.secrets."authelia/SESSION_SECRET".owner = "root";
sops.secrets."authelia/STORAGE_PASSWORD".owner = "root";
sops.secrets."authelia/STORAGE_ENCRYPTION_KEY".owner = "root";
services.caddy.virtualHosts."auth.gasdev.fr".extraConfig = ''
reverse_proxy http://127.0.0.1:9091
'';
virtualisation.oci-containers.containers = {
authelia = {
image = "docker.io/authelia/authelia:latest";
autoStart = true;
ports = ["127.0.0.1:9091:9091"];
environment = {
AUTHELIA_IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET_FILE = "/secrets/JWT_SECRET";
AUTHELIA_SESSION_SECRET_FILE = "/secrets/SESSION_SECRET";
AUTHELIA_STORAGE_POSTGRES_PASSWORD_FILE = "/secrets/STORAGE_PASSWORD";
AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE = "/secrets/STORAGE_ENCRYPTION_KEY";
};
volumes = [
"/run/secrets/authelia:/secrets"
"/etc/authelia/configuration.yml:/config/configuration.yml"
];
};
};
environment.etc."authelia/configuration.yml".text = builtins.readFile ./configuration.yml;
}
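Review bot: `image = "docker.io/authelia/authelia:latest"` lets the authentication gateway change version on any pull; pin a release tag or digest, `image = "docker.io/authelia/authelia:<pinned-version>";`, so upgrades are deliberate and reviewable. Both volume entries are mounted read-write although the container only needs to read them; append `:ro`, as in `"/run/secrets/authelia:/secrets:ro"` and `"/etc/authelia/configuration.yml:/config/configuration.yml:ro"`. The four secrets are owned by `root`, which only works if the container process reads them as root; that is worth confirming, or the container could run under a dedicated user that owns the secrets.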


@ -9,7 +9,7 @@ compression_level = 2
rpc_bind_addr = "[::]:3901"
rpc_public_addr = "gasdev.fr:3901"
rpc_secret_file = "/run/secrets/garage/rpc_secret"
rpc_secret_file = "/run/secrets/garage/RPC_SECRET"
[s3_api]
s3_region = "garage"

27
services/i2p/default.nix Normal file

@ -0,0 +1,27 @@
{...}: {
services.caddy.virtualHosts."console.i2p.gasdev.fr".extraConfig = ''
reverse_proxy http://127.0.0.1:7657
'';
services.caddy.virtualHosts."proxy.i2p.gasdev.fr".extraConfig = ''
reverse_proxy http://127.0.0.1:7657
'';
virtualisation.oci-containers.containers = {
uptime-kuma = {
image = "docker.io/geti2p/i2p";
autoStart = true;
environment = {
JVM_XMX = "256m";
};
ports = [
"4444:4444"
"6668:6668"
"7657:7657"
"54321:12345"
"54321:12345/udp"
];
volumes = ["i2phome:/i2p/.i2p" "i2ptorrents:/i2psnark"];
};
};
}
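Review bot: The `ports` list publishes 4444, 6668 and 7657 without a host address, so the I2P HTTP proxy, IRC tunnel and router console are presumably reachable on every interface, bypassing Caddy; the Authelia container in this commit binds `127.0.0.1:9091:9091`, and these three should do the same. The container attribute is still named `uptime-kuma` although the image is `geti2p/i2p`, which looks like a copy-paste leftover and could collide with a real uptime-kuma definition. Both virtual hosts proxy to `127.0.0.1:7657`; `proxy.i2p.gasdev.fr` probably means 4444, and neither host has a `forward_auth` block, so the router console would be served without the Authelia check this commit sets up. The image also carries no tag, so it floats on `latest`.

```nix
virtualisation.oci-containers.containers = {
  i2p = {
    # … unchanged: image, autoStart, environment …
    ports = [
      # Loopback only: these are reached through Caddy, not directly.
      "127.0.0.1:4444:4444"
      "127.0.0.1:6668:6668"
      "127.0.0.1:7657:7657"
      # … unchanged: 54321 TCP/UDP mappings …
    ];
    # … unchanged: volumes …
```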