Add gitea

Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-05-16 18:16:25 +01:00
parent 1a445ab6fd
commit 3c09cf9f69
19 changed files with 471 additions and 184 deletions


@@ -30,11 +30,11 @@ in
};
templates = {
"authelia-postgresql.env".content = ''
authelia-postgresql-env.content = ''
POSTGRES_PASSWORD=${hmConfig.sops.placeholder."authelia/postgresql"}
'';
"authelia-configuration.yaml".content = builtins.readFile (
authelia.content = builtins.readFile (
(pkgs.formats.yaml { }).generate "configuration.yaml" {
authentication_backend = {
refresh_interval = "always";
@@ -120,13 +120,16 @@ in
}
);
"authelia-users.yaml".content = builtins.readFile (
authelia-users.content = builtins.readFile (
(pkgs.formats.yaml { }).generate "users.yaml" {
users.karaolidis = {
displayname = "Nick Karaolidis";
password = hmConfig.sops.placeholder."authelia/users/karaolidis";
email = "nick@karaolidis.com";
groups = [ "admins" ];
groups = [
"admins"
"git"
];
};
}
);
@@ -144,20 +147,24 @@ in
containers = {
authelia-init = {
containerConfig = {
image = "docker-archive:${selfPkgs.docker-yq}";
volumes = [
"${volumes.authelia.ref}:/etc/authelia"
"${hmConfig.sops.templates."authelia-users.yaml".path}:/etc/authelia/users.yaml.default:ro"
];
exec = [
"eval-all"
". as $item ireduce ({}; . *+ $item)"
"/etc/authelia/users.yaml"
"/etc/authelia/users.yaml.default"
"-i"
];
};
containerConfig =
let
entrypoint = pkgs.writeTextFile {
name = "entrypoint.sh";
executable = true;
text = builtins.readFile ./init-entrypoint.sh;
};
in
{
image = "docker-archive:${selfPkgs.docker-yq}";
volumes = [
"${volumes.authelia.ref}:/etc/authelia"
"${hmConfig.sops.templates.authelia-users.path}:/etc/authelia/users.yaml.default:ro"
"${hmConfig.sops.templates.authelia.path}:/etc/authelia/conf.d/authelia.yaml:ro"
"${entrypoint}:/entrypoint.sh:ro"
];
entrypoint = "/entrypoint.sh";
};
serviceConfig = {
Type = "oneshot";
@@ -170,12 +177,7 @@ in
authelia = {
containerConfig = {
image = "docker-archive:${selfPkgs.docker-authelia}";
volumes = [
"${volumes.authelia.ref}:/etc/authelia"
"${
hmConfig.sops.templates."authelia-configuration.yaml".path
}:/etc/authelia/conf.d/configuration.yaml:ro"
];
volumes = [ "${volumes.authelia.ref}:/etc/authelia" ];
networks = [
networks.authelia.ref
networks.traefik.ref
@@ -183,7 +185,7 @@ in
];
exec = [
"--config"
"/etc/authelia/conf.d/"
"/etc/authelia/configuration.yaml"
];
labels = [
"traefik.enable=true"
@@ -212,7 +214,7 @@ in
POSTGRES_DB = "authelia";
POSTGRES_USER = "authelia";
};
environmentFiles = [ hmConfig.sops.templates."authelia-postgresql.env".path ];
environmentFiles = [ hmConfig.sops.templates.authelia-postgresql-env.path ];
};
unitConfig.After = [ "sops-nix.service" ];
@@ -227,7 +229,7 @@ in
prometheus-init.containerConfig.volumes =
let
autheliaConfig = (pkgs.formats.yaml { }).generate "authelia.yml" {
autheliaConfig = (pkgs.formats.yaml { }).generate "authelia.yaml" {
scrape_configs =
let
hostname = config.networking.hostName;
@@ -248,7 +250,7 @@ in
];
};
in
[ "${autheliaConfig}:/etc/prometheus/conf.d/authelia.yml" ];
[ "${autheliaConfig}:/etc/prometheus/conf.d/authelia.yaml" ];
};
};
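Review bot: The Authelia configuration loses its read-only guarantee. The `authelia` container now loads `/etc/authelia/configuration.yaml` from the read-write mount `volumes = [ "${volumes.authelia.ref}:/etc/authelia" ];`, where the removed bind of the sops template was `:ro`. Anything that can write to that volume, including the Authelia process itself, can alter the effective configuration until `authelia-init` regenerates it. The rendered template, which presumably carries sops secrets, is now also persisted in the volume. Consider having `authelia-init` write the merged file to a location the service container mounts read-only, or at least record the trade-off next to the mount, e.g. `# configuration.yaml is generated by authelia-init into this writable volume; it is no longer a read-only sops bind`. The enclosing attribute sets begin and end outside the visible hunks.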


@@ -0,0 +1,7 @@
#!/bin/sh
touch /etc/authelia/users.yaml
# shellcheck disable=SC2016
yq eval-all '. as $item ireduce ({}; . * $item)' /etc/authelia/users.yaml /etc/authelia/users.yaml.default -i
# shellcheck disable=SC2016
yq eval-all '. as $item ireduce ({}; . *+ $item)' /etc/authelia/conf.d/*.yaml > /etc/authelia/configuration.yaml
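Review bot: The script has no `set -e`, so a failed `users.yaml` merge is ignored and the oneshot still goes on to generate the configuration. Because the redirect truncates `/etc/authelia/configuration.yaml` before `yq` runs, a failed merge also leaves an empty or partial file in the volume. The generated file is created with the default umask although it is built from the sops-rendered template mounted under `conf.d`, so it may be more widely readable than the template it came from. I would add `set -eu` and a restrictive `umask`, and write to a temporary file that is renamed into place. `umask 077` assumes the authelia container reads the volume as the same user; if it does not, use the narrowest mode that still works.

```shell
#!/bin/sh
set -eu
umask 077
# … unchanged: touch and users.yaml merge …
# shellcheck disable=SC2016
yq eval-all '. as $item ireduce ({}; . *+ $item)' /etc/authelia/conf.d/*.yaml > /etc/authelia/configuration.yaml.tmp
mv /etc/authelia/configuration.yaml.tmp /etc/authelia/configuration.yaml
```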