Jaaj-San/pointfichiers
1
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

feat(services): Added Musare service

Browse source
This commit is contained in:
GaspardCulis 2024-11-07 23:05:30 +01:00
parent 7719637c95
commit 4f907ded92
4 changed files with 163 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
secrets/OVHCloud/default.yaml
View file

@ -22,6 +22,11 @@ gitlab:
OTP_KEY: ENC[AES256_GCM,data:BphY+ZO26N82iN1782ephpyqYwTt3UmCawX9/1kwvWEo5OebpUOOOQnR03I=,iv:EaHAW/sb1MGfN9ZFeB8t4xxVUtxb5jM7uL06/eGPxck=,tag:Qg+0oBsc0oB1T8NO2Znw5g==,type:str] OTP_KEY: ENC[AES256_GCM,data:BphY+ZO26N82iN1782ephpyqYwTt3UmCawX9/1kwvWEo5OebpUOOOQnR03I=,iv:EaHAW/sb1MGfN9ZFeB8t4xxVUtxb5jM7uL06/eGPxck=,tag:Qg+0oBsc0oB1T8NO2Znw5g==,type:str]
DB_KEY: ENC[AES256_GCM,data:9Yso0CEnpAU/sX2NW8roSz+w/lhfK220f35U8Z3t+GNOi+Zd7Ybb/7kill4=,iv:fsQ86NRJbLYfjFZ/ka6po1o35dagqmiqhfQmUQNzlPg=,tag:LV9Sh+TlYv+kRW0bLWajnw==,type:str] DB_KEY: ENC[AES256_GCM,data:9Yso0CEnpAU/sX2NW8roSz+w/lhfK220f35U8Z3t+GNOi+Zd7Ybb/7kill4=,iv:fsQ86NRJbLYfjFZ/ka6po1o35dagqmiqhfQmUQNzlPg=,tag:LV9Sh+TlYv+kRW0bLWajnw==,type:str]
JWS_KEY: ENC[AES256_GCM,data:7QGTClTixUmLFuPwkdvaVbPfZhVFpjtnW4/T6W0Lpu2j5Xt1jxijgRSHYRo=,iv:9v5TGU8+SlKzAQtfF/3VBQ4D9asyNcOOa4ElEG7OQdE=,tag:MPWKPJtFfIeo38uCVG1H7w==,type:str] JWS_KEY: ENC[AES256_GCM,data:7QGTClTixUmLFuPwkdvaVbPfZhVFpjtnW4/T6W0Lpu2j5Xt1jxijgRSHYRo=,iv:9v5TGU8+SlKzAQtfF/3VBQ4D9asyNcOOa4ElEG7OQdE=,tag:MPWKPJtFfIeo38uCVG1H7w==,type:str]
musare:
MONGO_USER_USERNAME: ENC[AES256_GCM,data:XKk3rmNJ,iv:x853fsUKFZ5xEKTTFd+r8MQ4yZK1q0x9ocjmngBJ4Wo=,tag:v9xsFbImlrNQb/yAlIWM/w==,type:str]
MONGO_USER_PASSWORD: ENC[AES256_GCM,data:QMocFYM0okz4/g0iPm3QoPGtxRc67A==,iv:xZJL5KVJAL0Gv9wkbyStrcJig1gKkHlQnJ8SIKVLeLs=,tag:HdXDA6z8YJzwEQPBt/0rCQ==,type:str]
MONGO_ROOT_PASSWORD: ENC[AES256_GCM,data:KrrEa7NVF1J+znK+8aychgmBGgtLHw==,iv:BGsnTPXmQ3moqFRVATRbVDBLl/EFG5DqSwii/9eKdLg=,tag:0hR91iEZcox/xe7M4SmCBg==,type:str]
REDIS_PASSWORD: ENC[AES256_GCM,data:8+iq5EiFJWyhvE/AV/qjb/61AHvFdQ==,iv:jv/XVunNDXRB5CjQVxtt+uL5V14p7ol7UuhJOSWcjEs=,tag:Ft/mWv2zmXjSToPogisqtw==,type:str]
notesnook: notesnook:
API_SECRET: ENC[AES256_GCM,data:E2wikU7aAXzuZ1m1javW7SbkCxVSii1zLF2AjFCWbVpyRvVN9le764fU29A=,iv:9R/Hzwdr9shQNYxtSJB18CUiaGq/XfMY2mTlTL5aLHs=,tag:ediIkiZRNOK61xGUO8vKwA==,type:str] API_SECRET: ENC[AES256_GCM,data:E2wikU7aAXzuZ1m1javW7SbkCxVSii1zLF2AjFCWbVpyRvVN9le764fU29A=,iv:9R/Hzwdr9shQNYxtSJB18CUiaGq/XfMY2mTlTL5aLHs=,tag:ediIkiZRNOK61xGUO8vKwA==,type:str]
S3_ACCESS_KEY_ID: ENC[AES256_GCM,data:Pmzvjon0RH2d78hiO0JEa8Lbad2a+mzX+zs=,iv:IyKuX3lWVqJuovkVNi/5eEZbRSL+jsOG5Kd09mEwr6w=,tag:Z2SfFsLpaPMDphhBp/1b0Q==,type:str] S3_ACCESS_KEY_ID: ENC[AES256_GCM,data:Pmzvjon0RH2d78hiO0JEa8Lbad2a+mzX+zs=,iv:IyKuX3lWVqJuovkVNi/5eEZbRSL+jsOG5Kd09mEwr6w=,tag:Z2SfFsLpaPMDphhBp/1b0Q==,type:str]
@ -82,8 +87,8 @@ sops:
MFpMemF4MGg1bmVUeWV5N25LTUtyczQKss0x4zT1kyeRu+qenhrdbcPlU/p+yjVN MFpMemF4MGg1bmVUeWV5N25LTUtyczQKss0x4zT1kyeRu+qenhrdbcPlU/p+yjVN
y3j4eGpnwgc2rxSL9vkrrkzx/atUqUkgGU/YstszUrP6XKbJ+9ydpQ== y3j4eGpnwgc2rxSL9vkrrkzx/atUqUkgGU/YstszUrP6XKbJ+9ydpQ==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2024-11-06T07:57:13Z" lastmodified: "2024-11-07T21:03:51Z"
mac: ENC[AES256_GCM,data:5IkklIfJTvQwkSDasZwzEAiXEcRwGS5v6C/Bqp/MitVSYwky/kvSVlTWavQpOV1UHv5eraL45+QMkz1lMUF6C6X7en96KdZQV15omIvhxBdIKwvnZmmc83vGh75WJJ9688z1Pj/djUhH3qR1Pzj2v0tlkJCSIZK0oR4Eaj8400k=,iv:4pAhCYEONQ8KvTwBUuBneJS/zd+Ef9yVgVb5IO47PBo=,tag:au9L0qOQahndmn8/WSLdLg==,type:str] mac: ENC[AES256_GCM,data:iRlsQiOia0lmCAHYCkEvK2FKY2rWxWwr3nI3i6dHwNPfUQGJuNbhIWWTzI/t60N6/lY4UmYQI8jcwUxKM1xvv6p/XNarpRfXdskm5ocAtg8AyXBtXx1kgsvPmzMzFE3QQ0s1XbEoGHQKTT4yE9rTQlX9Gnd1zzbYBgcgLZ+STus=,iv:t3lbU/dbdZjHsW58yZEiAHvUePwdc5JMFCtv28uqgXo=,tag:ghGULzQinWDlDFAX6hFUlg==,type:str]
pgp: [] pgp: []
unencrypted_suffix: _unencrypted unencrypted_suffix: _unencrypted
version: 3.9.1 version: 3.9.1

1
services/default.nix
View file

@ -2,6 +2,7 @@
imports = [ imports = [
./authelia ./authelia
./garage ./garage
./musare
./outline ./outline
./shadowsocks ./shadowsocks
./stalwart-mail ./stalwart-mail

32
services/musare/config.json Normal file
View file

@ -0,0 +1,32 @@
{
"configVersion": 12,
"migration": false,
"secret": "CHANGE_ME",
"port": 8080,
"url": {
"host": "music.gasdev.fr",
"secure": true
},
"apis": {
"youtube": {
"key": "CHANGE_ME"
},
"discogs": {
"enabled": false,
"client": "CHANGE_ME",
"secret": "CHANGE_ME"
}
},
"mail": {
"enabled": false,
"smtp": {
"host": "smtp.my.domain",
"port": 587,
"auth": {
"user": "CHANGE_ME",
"pass": "CHANGE_ME"
},
"secure": true
}
}
}

123
services/musare/default.nix Normal file
View file

@ -0,0 +1,123 @@
{
pkgs,
config,
...
}: let
musare = pkgs.fetchFromGitHub {
owner = "Musare";
repo = "Musare";
rev = "v3.11.0";
hash = "sha256-RN9H7atiNOr4wqgzfwE/8hUMJ4zpgMBu3dXA37c/lH0=";
};
musare-backend =
pkgs.buildNpmPackage {
pname = "musare-backend";
version = "4.7.0";
nodejs = pkgs.nodejs_18;
src =
musare
+ "/backend";
npmDepsHash = "sha256-cxvK2Zp0iOA9qPg8NaCEcOsxmaU1/l/dvnfwUEq2BuE=";
dontNpmBuild = true;
}
+ "/lib/node_modules/musare-backend";
musare-frontend =
pkgs.buildNpmPackage {
pname = "musare-frontend";
version = "4.7.0";
src =
musare
+ "/frontend";
npmDepsHash = "sha256-R1vxio66W/8WN6pFRbwuOv0Z4/V4cnwBqhXlRygj7Js=";
npmBuildScript = "prod";
}
+ "/lib/node_modules/musare-frontend/build";
in {
services.caddy.virtualHosts."music.gasdev.fr".extraConfig = ''
root * ${musare-frontend}
file_server
@websockets {
path /backend/*
header Connection upgrade
header Upgrade websocket
}
reverse_proxy @websockets localhost:32483
handle_path /backend/* {
reverse_proxy localhost:32483
}
'';
sops.secrets."musare/MONGO_USER_USERNAME".owner = "root";
sops.secrets."musare/MONGO_USER_PASSWORD".owner = "root";
sops.secrets."musare/MONGO_ROOT_PASSWORD".owner = "root";
sops.secrets."musare/REDIS_PASSWORD".owner = "root";
sops.templates."musare.env" = {
content = ''
MONGO_USER_USERNAME=${config.sops.placeholder."musare/MONGO_USER_USERNAME"}
MONGO_USER_PASSWORD=${config.sops.placeholder."musare/MONGO_USER_PASSWORD"}
MONGO_ROOT_PASSWORD=${config.sops.placeholder."musare/MONGO_ROOT_PASSWORD"}
MONGO_INITDB_ROOT_PASSWORD=${config.sops.placeholder."musare/MONGO_ROOT_PASSWORD"}
MONGO_INITDB_ROOT_USERNAME=admin
MONGO_INITDB_DATABASE=musare
REDIS_PASSWORD=meh_not_important
'';
owner = "root";
};
virtualisation.oci-containers.containers = {
musare-backend = {
image = "localhost/musare:backend";
imageFile = pkgs.dockerTools.buildImage {
name = "musare";
tag = "backend";
contents = [pkgs.nodejs_18 pkgs.bash];
config = {
Cmd = ["node" "--es-module-specifier-resolution=node" "/opt/app/index.js"];
};
};
autoStart = true;
volumes = [
"${musare-backend}:/opt/app/"
"${./config.json}:/opt/app/config.json"
];
ports = [
"32483:8080"
];
workdir = "/opt/app";
environmentFiles = [
config.sops.templates."musare.env".path
];
dependsOn = ["mongo" "redis"];
};
mongo = {
image = "docker.io/mongo:latest";
autoStart = true;
volumes = [
"${musare}/tools/docker/setup-mongo.sh:/docker-entrypoint-initdb.d/setup-mongo.sh"
"musare-mongodb:/data/db"
];
environmentFiles = [
config.sops.templates."musare.env".path
];
};
redis = {
image = "docker.io/redis:7";
autoStart = true;
cmd = ["--notify-keyspace-events" "Ex" "--requirepass" "meh_not_important" "--appendonly" "yes"];
volumes = [
"musare-redis:/data"
];
environmentFiles = [
config.sops.templates."musare.env".path
];
};
};
}