schrottkatze/nix-configs
1
2
Fork 0
Code Issues Pull requests Activity

set up penpot

Browse source
This commit is contained in:
Schrottkatze 2023-03-05 10:56:03 +01:00
parent d88066750b
commit 1ca8946c7f
7 changed files with 181 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

1
schrottserver/configuration.nix
View file

@ -17,6 +17,7 @@
../modules/neovim.nix
../modules/zsh.nix
./synapse.nix
./penpot.nix
];
#systemd.services.wordsofgod-bot.enable = true;

3
schrottserver/microbin.nix
View file

@ -12,6 +12,9 @@
MICROBIN_HIGHLIGHTSYNTAX = "";
MICROBIN_PUBLIC_PATH = "https://s10e.de";
MICROBIN_QR = "";
MICROBIN_URL_EP = "u";
MICROBIN_RAW_EP = "r";
MICROBIN_PASTA_EP = "p";
};
script = "${inputs.microbin-fork.defaultPackage."x86_64-linux"}/bin/microbin";
#scriptArgs = "--auth-password ${builtins.readFile ../secret-data/mb-pass} --auth-username jade --editable --hash-ids --no-listing --highlightsyntax --public-path https://s10e.de --qr";

73
schrottserver/penpot.nix Normal file
View file

@ -0,0 +1,73 @@
{ pkgs, inputs, ... }:
{
imports = [ inputs.arion.nixosModules.arion ];
virtualisation.docker.enable = true;
virtualisation.arion = {
backend = "docker";
projects.penpot.settings = {
networks.penpot.name = "penpot";
services = {
"penpot-backend".service = {
image = "penpotapp/backend:latest";
volumes = [ "/penpot_assets:/opt/data/assets" ];
restart = "always";
depends_on = [ "penpot-postgres" "penpot-redis" ];
networks = [ "penpot" ];
environment = {
"PENPOT_FLAGS" = "enable-registration enable-login-with-password disable-email-verification enable-smtp enable-prepl-server";
"PENPOT_PUBLIC_URI" = "https://pp.schrottkatze.de";
"PENPOT_DATABASE_URI" = "postgresql://penpot-postgres/penpot";
"PENPOT_DATABASE_USERNAME" = "penpot";
"PENPOT_DATABASE_PASSWORD" = "penpot"; "PENPOT_REDIS_URI" = "redis://penpot-redis/0";
"PENPOT_ASSETS_STORAGE_BACKEND" = "assets-fs";
"PENPOT_STORAGE_ASSETS_FS_DIRECTORY" = "/opt/data/assets";
"PENPOT_TELEMETRY_ENABLED" = "false";
"PENPOT_SMTP_DEFAULT_FROM" = "noreply-pp@schrottkatze.de";
"PENPOT_SMTP_DEFAULT_REPLY_TO" = "noreply-pp@schrottkatze.de";
"PENPOT_SMTP_HOST" = "smtp.migadu.com";
"PENPOT_SMTP_PORT" = "465";
"PENPOT_SMTP_USERNAME" = "noreply-pp@schrottkatze.de";
"PENPOT_SMTP_PASSWORD" = builtins.readFile ../secret-data/penpot-smtp-pass;
"PENPOT_SMTP_TLS" = "true";
"PENPOT_SMTP_SSL" = "false";
};
};
"penpot-frontend".service = {
image = "penpotapp/frontend:latest";
restart = "always";
ports = [ "9001:80" ];
volumes = [ "/penpot_assets:/opt/data/assets" ];
depends_on = [ "penpot-backend" "penpot-exporter" ];
networks = [ "penpot" ];
};
"penpot-exporter".service = {
image = "penpotapp/exporter:latest";
restart = "always";
networks = [ "penpot" ];
environment = {
"PENPOT_PUBLIC_URI" = "http://penpot-frontend";
"PENPOT_REDIS_URI" = "redis://penpot-redis/0";
};
};
"penpot-postgres".service = {
image = "postgres:15";
restart = "always";
stop_signal = "SIGINT";
volumes = [ "/penpot_postgres_v15:/var/lib/postgresql/data" ];
networks = [ "penpot" ];
environment = {
"POSTGRES_INITDB_ARGS" = "--data-checksums";
"POSTGRES_DB" = "penpot";
"POSTGRES_USER" = "penpot";
"POSTGRES_PASSWORD" = "penpot";
};
};
"penpot-redis".service = {
image = "redis:7";
restart = "always";
networks = [ "penpot" ];
};
};
};
};
}

11
schrottserver/proxy.nix
View file

@ -24,6 +24,10 @@
group = "nginx";
keyType = "rsa2048";
};
"pp.schrottkatze.de" = {
group = "nginx";
keyType = "rsa2048";
};
};
};
@ -63,6 +67,13 @@
forceSSL = true;
enableACME = true;
};
"pp.schrottkatze.de" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://localhost:9001";
};
};
"s10e.de" = {
forceSSL = true;
enableACME = true;