karaolidis/nix
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add shlink

Browse Source 
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
This commit is contained in:
Nick Karaolidis
2025-06-29 12:56:19 +01:00
parent d617183438
commit ea2ab2101a
11 changed files with 17579 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
hosts/jupiter/users/storm/configs/console/podman/authelia/default.nix
View File

@@ -139,6 +139,7 @@ in
"outline"
"vaultwarden"
"nextcloud"
"shlink"
];
};
}

1
hosts/jupiter/users/storm/configs/console/podman/default.nix
View File

@@ -15,6 +15,7 @@ in
(import ./ntfy { inherit user home; })
(import ./outline { inherit user home; })
(import ./prometheus { inherit user home; })
(import ./shlink { inherit user home; })
(import ./sish { inherit user home; })
(import ./traefik { inherit user home; })
(import ./vaultwarden { inherit user home; })

157
hosts/jupiter/users/storm/configs/console/podman/shlink/default.nix Normal file
View File

@@ -0,0 +1,157 @@
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{
config,
inputs,
pkgs,
system,
...
}:
let
selfPkgs = inputs.self.packages.${system};
hmConfig = config.home-manager.users.${user};
inherit (hmConfig.virtualisation.quadlet) containers volumes networks;
in
{
home-manager.users.${user} = {
sops = {
secrets = {
"shlink/postgresql".sopsFile = ../../../../../../secrets/secrets.yaml;
"shlink/apiKey".sopsFile = ../../../../../../secrets/secrets.yaml;
"maxmind/licenseKey".sopsFile = ../../../../../../../../secrets/personal/secrets.yaml;
};
templates = {
shlink-postgresql-env.content = ''
POSTGRES_PASSWORD=${hmConfig.sops.placeholder."shlink/postgresql"}
'';
shlink-env.content = ''
GEOLITE_LICENSE_KEY=${hmConfig.sops.placeholder."maxmind/licenseKey"}
DB_PASSWORD=${hmConfig.sops.placeholder."shlink/postgresql"}
INITIAL_API_KEY=${hmConfig.sops.placeholder."shlink/apiKey"}
'';
shlink-web-client-env.content = ''
SHLINK_SERVER_API_KEY=${hmConfig.sops.placeholder."shlink/apiKey"}
'';
};
};
virtualisation.quadlet = {
networks.shlink.networkConfig.internal = true;
volumes = {
shlink-postgresql = { };
shlink = { };
};
containers = {
shlink = {
containerConfig = {
image = "docker-archive:${selfPkgs.docker-shlink}";
networks = [
networks.shlink.ref
networks.traefik.ref
];
volumes = [ "${volumes.shlink.ref}:/var/lib/shlink/data" ];
environments = {
DEFAULT_DOMAIN = "url.karaolidis.com";
IS_HTTPS_ENABLED = "true";
MULTI_SEGMENT_SLUGS_ENABLED = "true";
SHORT_URL_TRAILING_SLASH = "true";
SHORT_URL_MODE = "loose";
DB_DRIVER = "postgres";
DB_NAME = "shlink";
DB_USER = "shlink";
DB_HOST = "shlink-postgresql";
DB_PORT = "5432";
DEFAULT_BASE_URL_REDIRECT = "https://url.karaolidis.com/web/server/shlink-url.karaolidis.com/overview";
DEFAULT_QR_CODE_SIZE = "300";
DEFAULT_QR_CODE_MARGIN = "25";
};
environmentFiles = [ hmConfig.sops.templates.shlink-env.path ];
labels = [
"traefik.enable=true"
"traefik.http.routers.shlink.rule=Host(`url.karaolidis.com`)"
"traefik.http.routers.shlink.middlewares=authelia@docker"
];
};
unitConfig.After = [
"${containers.shlink-postgresql._serviceName}.service"
"sops-nix.service"
];
};
shlink-web-client = {
containerConfig = {
image = "docker-archive:${selfPkgs.docker-shlink-web-client}";
networks = [
networks.shlink.ref
networks.traefik.ref
];
environments = {
SHLINK_SERVER_URL = "https://url.karaolidis.com";
};
environmentFiles = [ hmConfig.sops.templates.shlink-web-client-env.path ];
labels = [
"traefik.enable=true"
"traefik.http.routers.shlink-web.rule=Host(`url.karaolidis.com`) && PathPrefix(`/web`)"
"traefik.http.routers.shlink-web.middlewares=authelia@docker"
];
};
unitConfig.After = [ "sops-nix.service" ];
};
shlink-postgresql = {
containerConfig = {
image = "docker-archive:${selfPkgs.docker-postgresql}";
networks = [ networks.shlink.ref ];
volumes = [ "${volumes.shlink-postgresql.ref}:/var/lib/postgresql/data" ];
environments = {
POSTGRES_DB = "shlink";
POSTGRES_USER = "shlink";
};
environmentFiles = [ hmConfig.sops.templates.shlink-postgresql-env.path ];
};
unitConfig.After = [ "sops-nix.service" ];
};
authelia-init.containerConfig.volumes =
let
config = (pkgs.formats.yaml { }).generate "shlink.yaml" {
access_control.rules = [
{
domain = "url.karaolidis.com";
policy = "one_factor";
resources = [
"^/(rest|web)([/?].*)?$"
"^$"
];
subject = [ "group:shlink" ];
}
{
domain = "url.karaolidis.com";
policy = "deny";
resources = [
"^/(rest|web)([/?].*)?$"
"^$"
];
}
{
domain = "url.karaolidis.com";
policy = "bypass";
}
];
};
in
[ "${config}:/etc/authelia/conf.d/shlink.yaml:ro" ];
};
};
};
}

5
packages/default.nix
View File

@@ -32,6 +32,8 @@
inherit pkgs;
};
docker-redis = import ./docker/redis { inherit pkgs; };
docker-shlink = import ./docker/shlink { inherit pkgs inputs system; };
docker-shlink-web-client = import ./docker/shlink-web-client { inherit pkgs inputs system; };
docker-sish = import ./docker/sish { inherit pkgs; };
docker-traefik = import ./docker/traefik { inherit pkgs; };
docker-whoami = import ./docker/whoami { inherit pkgs; };
@@ -59,6 +61,9 @@
prometheus-fail2ban-exporter = import ./prometheus-fail2ban-exporter { inherit pkgs; };
prometheus-podman-exporter = import ./prometheus-podman-exporter { inherit pkgs; };
shlink = import ./shlink { inherit pkgs; };
shlink-web-client = import ./shlink-web-client { inherit pkgs; };
ssh-known-hosts-github = import ./ssh/known-hosts/github { inherit pkgs inputs system; };
yazi-plugin-custom-shell = import ./yazi/plugins/custom-shell { inherit pkgs; };

91
packages/docker/shlink-web-client/default.nix Normal file
View File

@@ -0,0 +1,91 @@
{
pkgs,
inputs,
system,
...
}:
let
selfPkgs = inputs.self.packages.${system};
shlink-web-client = pkgs.runCommandLocal "shlink-web-client" { } ''
mkdir -p $out/var/www
cp -r ${selfPkgs.shlink-web-client} $out/var/www/shlink-web-client
'';
nginxConfig = pkgs.writeTextDir "/etc/nginx/nginx.conf" ''
user root;
daemon off;
pid /var/run/nginx.pid;
events { }
http {
include ${pkgs.nginx}/conf/mime.types;
default_type application/octet-stream;
charset utf-8;
access_log off;
error_log /dev/stderr;
server {
listen 8080 default_server;
root /var/www/shlink-web-client;
index index.html;
location = / {
return 301 /web/;
}
location = /web {
return 301 /web/;
}
location /web/ {
alias /var/www/shlink-web-client/;
try_files $uri $uri/ /index.html;
}
}
}
'';
entrypoint = pkgs.writeTextFile {
name = "entrypoint";
executable = true;
destination = "/bin/entrypoint";
text = builtins.readFile ./entrypoint.sh;
};
in
pkgs.dockerTools.buildImage {
name = "shlink-web-client";
fromImage = import ../base { inherit pkgs; };
copyToRoot = pkgs.buildEnv {
name = "root";
paths = [
entrypoint
shlink-web-client
nginxConfig
pkgs.nginx
];
pathsToLink = [
"/bin"
"/var"
"/etc"
];
};
runAsRoot = ''
${pkgs.dockerTools.shadowSetup}
mkdir -p /var/run /var/log/nginx
'';
config = {
Entrypoint = [ "entrypoint" ];
WorkingDir = "/var/www/shlink-web-client";
ExposedPorts = {
"8080/tcp" = { };
};
};
}

11
packages/docker/shlink-web-client/entrypoint.sh Normal file
View File

@@ -0,0 +1,11 @@
#!/usr/bin/env sh
set -o errexit
if [ -n "$SHLINK_SERVER_URL" ] && [ -n "$SHLINK_SERVER_API_KEY" ]; then
SHLINK_SERVER_NAME="${SHLINK_SERVER_NAME:-Shlink}"
SHLINK_SERVER_FORWARD_CREDENTIALS="${SHLINK_SERVER_FORWARD_CREDENTIALS:-false}"
echo "[{\"name\":\"${SHLINK_SERVER_NAME}\",\"url\":\"${SHLINK_SERVER_URL}\",\"apiKey\":\"${SHLINK_SERVER_API_KEY}\",\"forwardCredentials\":${SHLINK_SERVER_FORWARD_CREDENTIALS}}]" > /var/www/shlink-web-client/servers.json
fi
exec nginx -c /etc/nginx/nginx.conf "$@"

81
packages/docker/shlink/default.nix Normal file
View File

@@ -0,0 +1,81 @@
{
pkgs,
inputs,
system,
...
}:
let
selfPkgs = inputs.self.packages.${system};
php = pkgs.php84.buildEnv {
extensions =
{ all, ... }:
with all;
[
curl
pdo
pdo_sqlite
pdo_pgsql
intl
gd
sockets
bcmath
filter
mbstring
zlib
];
extraConfig = ''
expose_php = Off
'';
};
shlink = pkgs.runCommandLocal "shlink" { } ''
mkdir -p $out/var/www
cp -r ${selfPkgs.shlink} $out/var/www/shlink
'';
shlink-cli = pkgs.writeShellApplication {
name = "shlink";
text = ''
exec /var/www/shlink/bin/cli "$@"
'';
};
entrypoint = pkgs.writeTextFile {
name = "entrypoint";
executable = true;
destination = "/bin/entrypoint";
text = builtins.readFile ./entrypoint.sh;
};
in
pkgs.dockerTools.buildImage {
name = "shlink";
fromImage = import ../base { inherit pkgs; };
copyToRoot = pkgs.buildEnv {
name = "root";
paths = [
entrypoint
shlink
shlink-cli
php
pkgs.roadrunner
];
pathsToLink = [
"/bin"
"/var"
];
};
config = {
Entrypoint = [ "entrypoint" ];
WorkingDir = "/var/www/shlink";
Volumes = {
"/var/www/shlink/data" = { };
};
ExposedPorts = {
"8080/tcp" = { };
};
};
}

28
packages/docker/shlink/entrypoint.sh Normal file
View File

@@ -0,0 +1,28 @@
#!/usr/bin/env sh
set -o errexit
mkdir -p \
/var/www/shlink/data/cache \
/var/www/shlink/data/locks \
/var/www/shlink/data/log \
/var/www/shlink/data/proxies
GEOLITE_LICENSE_KEY=$(/var/www/shlink/bin/cli env-var:read GEOLITE_LICENSE_KEY)
SKIP_INITIAL_GEOLITE_DOWNLOAD=$(/var/www/shlink/bin/cli env-var:read SKIP_INITIAL_GEOLITE_DOWNLOAD)
INITIAL_API_KEY=$(/var/www/shlink/bin/cli env-var:read INITIAL_API_KEY)
init_flags="--no-interaction --clear-db-cache"
if [ -z "${GEOLITE_LICENSE_KEY}" ] || [ "${SKIP_INITIAL_GEOLITE_DOWNLOAD}" = "true" ]; then
init_flags="${init_flags} --skip-download-geolite"
fi
if [ -n "${INITIAL_API_KEY}" ]; then
init_flags="${init_flags} --initial-api-key=${INITIAL_API_KEY}"
fi
# shellcheck disable=SC2086
php /var/www/shlink/vendor/bin/shlink-installer init ${init_flags}
exec rr serve -c /var/www/shlink/config/roadrunner/.rr.yml "$@"

29
packages/shlink-web-client/default.nix Normal file
View File

@@ -0,0 +1,29 @@
{ pkgs, ... }:
# AUTO-UPDATE: nix-update --flake shlink-web-client
pkgs.buildNpmPackage rec {
pname = "shlink-web-client";
version = "4.4.1";
src = pkgs.fetchFromGitHub {
owner = "shlinkio";
repo = pname;
rev = "v${version}";
hash = "sha256-qq683pLqbQ6kMAzc9QOrUdGh67joCy401h3OOr270qQ=";
};
patches = [ ./package-lock.patch ];
npmDepsHash = "sha256-rX4RDrG+1YXQbm3nkv4TkrYHelL63GI7lZKFkS+MX7E=";
homepage = "/web";
postPatch = ''
tmpfile=$(mktemp)
${pkgs.lib.meta.getExe pkgs.jq} '.homepage = "${homepage}"' package.json > "$tmpfile"
mv "$tmpfile" package.json
'';
installPhase = ''
cp -r build $out
'';
}

17160
packages/shlink-web-client/package-lock.patch Normal file
View File

File diff suppressed because it is too large Load Diff

15
packages/shlink/default.nix Normal file
View File

@@ -0,0 +1,15 @@
{ pkgs, ... }:
# AUTO-UPDATE: nix-update --flake shlink
pkgs.stdenv.mkDerivation rec {
pname = "shlink";
version = "4.4.6";
src = pkgs.fetchzip {
url = "https://github.com/shlinkio/shlink/releases/download/v${version}/shlink${version}_php8.4_dist.zip";
sha256 = "sha256-fjGUQoIKAiB45jeCnbOjMnDOFIadWXdsdn/d8tRuJP8=";
};
installPhase = ''
cp -r $src $out
'';
}