set up penpot
This commit is contained in:
parent
d88066750b
commit
1ca8946c7f
7 changed files with 181 additions and 18 deletions
110
flake.lock
110
flake.lock
|
@ -1,10 +1,30 @@
|
||||||
{
|
{
|
||||||
"nodes": {
|
"nodes": {
|
||||||
|
"arion": {
|
||||||
|
"inputs": {
|
||||||
|
"flake-parts": "flake-parts",
|
||||||
|
"haskell-flake": "haskell-flake",
|
||||||
|
"nixpkgs": "nixpkgs"
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1677362634,
|
||||||
|
"narHash": "sha256-TbXibbeyPHFS+WVMlBQ3lY2L6Re5y3qUsZaHYtLQvkw=",
|
||||||
|
"owner": "hercules-ci",
|
||||||
|
"repo": "arion",
|
||||||
|
"rev": "0f27ae484f34a8f0bbc5ef495a96f3a3cecb3eb3",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "hercules-ci",
|
||||||
|
"repo": "arion",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"easymacros": {
|
"easymacros": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"flake-utils": "flake-utils",
|
"flake-utils": "flake-utils",
|
||||||
"naersk": "naersk",
|
"naersk": "naersk",
|
||||||
"nixpkgs": "nixpkgs_2"
|
"nixpkgs": "nixpkgs_3"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1662552013,
|
"lastModified": 1662552013,
|
||||||
|
@ -20,6 +40,27 @@
|
||||||
"url": "https://gitlab.com/obsidianical/easymacros.git"
|
"url": "https://gitlab.com/obsidianical/easymacros.git"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"flake-parts": {
|
||||||
|
"inputs": {
|
||||||
|
"nixpkgs-lib": [
|
||||||
|
"arion",
|
||||||
|
"nixpkgs"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1675933616,
|
||||||
|
"narHash": "sha256-/rczJkJHtx16IFxMmAWu5nNYcSXNg1YYXTHoGjLrLUA=",
|
||||||
|
"owner": "hercules-ci",
|
||||||
|
"repo": "flake-parts",
|
||||||
|
"rev": "47478a4a003e745402acf63be7f9a092d51b83d7",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "hercules-ci",
|
||||||
|
"repo": "flake-parts",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"flake-utils": {
|
"flake-utils": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1656065134,
|
"lastModified": 1656065134,
|
||||||
|
@ -49,6 +90,22 @@
|
||||||
"type": "indirect"
|
"type": "indirect"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"haskell-flake": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1675296942,
|
||||||
|
"narHash": "sha256-u1X1sblozi5qYEcLp1hxcyo8FfDHnRUVX3dJ/tW19jY=",
|
||||||
|
"owner": "srid",
|
||||||
|
"repo": "haskell-flake",
|
||||||
|
"rev": "c2cafce9d57bfca41794dc3b99c593155006c71e",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "srid",
|
||||||
|
"ref": "0.1.0",
|
||||||
|
"repo": "haskell-flake",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"home-manager": {
|
"home-manager": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
|
@ -86,7 +143,7 @@
|
||||||
"meowsite": {
|
"meowsite": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"flake-utils": "flake-utils_2",
|
"flake-utils": "flake-utils_2",
|
||||||
"nixpkgs": "nixpkgs_3"
|
"nixpkgs": "nixpkgs_4"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1676235149,
|
"lastModified": 1676235149,
|
||||||
|
@ -105,7 +162,7 @@
|
||||||
"microbin-fork": {
|
"microbin-fork": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"naersk": "naersk_2",
|
"naersk": "naersk_2",
|
||||||
"nixpkgs": "nixpkgs_5",
|
"nixpkgs": "nixpkgs_6",
|
||||||
"utils": "utils_2"
|
"utils": "utils_2"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
|
@ -124,7 +181,7 @@
|
||||||
},
|
},
|
||||||
"naersk": {
|
"naersk": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"nixpkgs": "nixpkgs"
|
"nixpkgs": "nixpkgs_2"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1655042882,
|
"lastModified": 1655042882,
|
||||||
|
@ -142,7 +199,7 @@
|
||||||
},
|
},
|
||||||
"naersk_2": {
|
"naersk_2": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"nixpkgs": "nixpkgs_4"
|
"nixpkgs": "nixpkgs_5"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1671096816,
|
"lastModified": 1671096816,
|
||||||
|
@ -161,7 +218,7 @@
|
||||||
},
|
},
|
||||||
"naersk_3": {
|
"naersk_3": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"nixpkgs": "nixpkgs_7"
|
"nixpkgs": "nixpkgs_8"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1671096816,
|
"lastModified": 1671096816,
|
||||||
|
@ -195,16 +252,18 @@
|
||||||
},
|
},
|
||||||
"nixpkgs": {
|
"nixpkgs": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1656755932,
|
"lastModified": 1676300157,
|
||||||
"narHash": "sha256-TGThfOxr+HjFK464+UoUE6rClp2cwxjiKvHcBVdIGSQ=",
|
"narHash": "sha256-1HjRzfp6LOLfcj/HJHdVKWAkX9QRAouoh6AjzJiIerU=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "660ac43ff9ab1f12e28bfb31d4719795777fe152",
|
"rev": "545c7a31e5dedea4a6d372712a18e00ce097d462",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"id": "nixpkgs",
|
"owner": "NixOS",
|
||||||
"type": "indirect"
|
"ref": "nixos-unstable",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"nixpkgs-stable": {
|
"nixpkgs-stable": {
|
||||||
|
@ -237,6 +296,20 @@
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"nixpkgs_3": {
|
"nixpkgs_3": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1656755932,
|
||||||
|
"narHash": "sha256-TGThfOxr+HjFK464+UoUE6rClp2cwxjiKvHcBVdIGSQ=",
|
||||||
|
"owner": "NixOS",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"rev": "660ac43ff9ab1f12e28bfb31d4719795777fe152",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"id": "nixpkgs",
|
||||||
|
"type": "indirect"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"nixpkgs_4": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1674407282,
|
"lastModified": 1674407282,
|
||||||
"narHash": "sha256-2qwc8mrPINSFdWffPK+ji6nQ9aGnnZyHSItVcYDZDlk=",
|
"narHash": "sha256-2qwc8mrPINSFdWffPK+ji6nQ9aGnnZyHSItVcYDZDlk=",
|
||||||
|
@ -252,7 +325,7 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"nixpkgs_4": {
|
"nixpkgs_5": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1676549890,
|
"lastModified": 1676549890,
|
||||||
"narHash": "sha256-sq/WcOEAl7gWrrfGkWdnyYazRyTf+enEim/o6LOQzI8=",
|
"narHash": "sha256-sq/WcOEAl7gWrrfGkWdnyYazRyTf+enEim/o6LOQzI8=",
|
||||||
|
@ -266,7 +339,7 @@
|
||||||
"type": "indirect"
|
"type": "indirect"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"nixpkgs_5": {
|
"nixpkgs_6": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1676549890,
|
"lastModified": 1676549890,
|
||||||
"narHash": "sha256-sq/WcOEAl7gWrrfGkWdnyYazRyTf+enEim/o6LOQzI8=",
|
"narHash": "sha256-sq/WcOEAl7gWrrfGkWdnyYazRyTf+enEim/o6LOQzI8=",
|
||||||
|
@ -282,7 +355,7 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"nixpkgs_6": {
|
"nixpkgs_7": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1677676435,
|
"lastModified": 1677676435,
|
||||||
"narHash": "sha256-6FxdcmQr5JeZqsQvfinIMr0XcTyTuR7EXX0H3ANShpQ=",
|
"narHash": "sha256-6FxdcmQr5JeZqsQvfinIMr0XcTyTuR7EXX0H3ANShpQ=",
|
||||||
|
@ -298,7 +371,7 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"nixpkgs_7": {
|
"nixpkgs_8": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1675614288,
|
"lastModified": 1675614288,
|
||||||
"narHash": "sha256-i3Rc/ENnz62BcrSloeVmAyPicEh4WsrEEYR+INs9TYw=",
|
"narHash": "sha256-i3Rc/ENnz62BcrSloeVmAyPicEh4WsrEEYR+INs9TYw=",
|
||||||
|
@ -312,7 +385,7 @@
|
||||||
"type": "indirect"
|
"type": "indirect"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"nixpkgs_8": {
|
"nixpkgs_9": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1675614288,
|
"lastModified": 1675614288,
|
||||||
"narHash": "sha256-i3Rc/ENnz62BcrSloeVmAyPicEh4WsrEEYR+INs9TYw=",
|
"narHash": "sha256-i3Rc/ENnz62BcrSloeVmAyPicEh4WsrEEYR+INs9TYw=",
|
||||||
|
@ -330,13 +403,14 @@
|
||||||
},
|
},
|
||||||
"root": {
|
"root": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
|
"arion": "arion",
|
||||||
"easymacros": "easymacros",
|
"easymacros": "easymacros",
|
||||||
"home-manager": "home-manager",
|
"home-manager": "home-manager",
|
||||||
"mac-brcm-fw": "mac-brcm-fw",
|
"mac-brcm-fw": "mac-brcm-fw",
|
||||||
"meowsite": "meowsite",
|
"meowsite": "meowsite",
|
||||||
"microbin-fork": "microbin-fork",
|
"microbin-fork": "microbin-fork",
|
||||||
"nixos-hardware": "nixos-hardware",
|
"nixos-hardware": "nixos-hardware",
|
||||||
"nixpkgs": "nixpkgs_6",
|
"nixpkgs": "nixpkgs_7",
|
||||||
"nixpkgs-stable": "nixpkgs-stable",
|
"nixpkgs-stable": "nixpkgs-stable",
|
||||||
"wordsofgod": "wordsofgod"
|
"wordsofgod": "wordsofgod"
|
||||||
}
|
}
|
||||||
|
@ -389,7 +463,7 @@
|
||||||
"wordsofgod": {
|
"wordsofgod": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"naersk": "naersk_3",
|
"naersk": "naersk_3",
|
||||||
"nixpkgs": "nixpkgs_8",
|
"nixpkgs": "nixpkgs_9",
|
||||||
"utils": "utils_3"
|
"utils": "utils_3"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
|
|
|
@ -18,6 +18,7 @@
|
||||||
meowsite.url = "git+https://gitlab.com/obsidianical/meowsite.git";
|
meowsite.url = "git+https://gitlab.com/obsidianical/meowsite.git";
|
||||||
wordsofgod.url = "git+https://gitlab.com/obsidianical/wordsofgod.git";
|
wordsofgod.url = "git+https://gitlab.com/obsidianical/wordsofgod.git";
|
||||||
microbin-fork.url = "git+https://gitlab.com/obsidianical/microbin.git";
|
microbin-fork.url = "git+https://gitlab.com/obsidianical/microbin.git";
|
||||||
|
arion.url = "github:hercules-ci/arion";
|
||||||
};
|
};
|
||||||
|
|
||||||
outputs = { self, nixpkgs, nixpkgs-stable, home-manager, nixos-hardware, mac-brcm-fw, ... }@inputs: {
|
outputs = { self, nixpkgs, nixpkgs-stable, home-manager, nixos-hardware, mac-brcm-fw, ... }@inputs: {
|
||||||
|
|
|
@ -17,6 +17,7 @@
|
||||||
../modules/neovim.nix
|
../modules/neovim.nix
|
||||||
../modules/zsh.nix
|
../modules/zsh.nix
|
||||||
./synapse.nix
|
./synapse.nix
|
||||||
|
./penpot.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
#systemd.services.wordsofgod-bot.enable = true;
|
#systemd.services.wordsofgod-bot.enable = true;
|
||||||
|
|
|
@ -12,6 +12,9 @@
|
||||||
MICROBIN_HIGHLIGHTSYNTAX = "";
|
MICROBIN_HIGHLIGHTSYNTAX = "";
|
||||||
MICROBIN_PUBLIC_PATH = "https://s10e.de";
|
MICROBIN_PUBLIC_PATH = "https://s10e.de";
|
||||||
MICROBIN_QR = "";
|
MICROBIN_QR = "";
|
||||||
|
MICROBIN_URL_EP = "u";
|
||||||
|
MICROBIN_RAW_EP = "r";
|
||||||
|
MICROBIN_PASTA_EP = "p";
|
||||||
};
|
};
|
||||||
script = "${inputs.microbin-fork.defaultPackage."x86_64-linux"}/bin/microbin";
|
script = "${inputs.microbin-fork.defaultPackage."x86_64-linux"}/bin/microbin";
|
||||||
#scriptArgs = "--auth-password ${builtins.readFile ../secret-data/mb-pass} --auth-username jade --editable --hash-ids --no-listing --highlightsyntax --public-path https://s10e.de --qr";
|
#scriptArgs = "--auth-password ${builtins.readFile ../secret-data/mb-pass} --auth-username jade --editable --hash-ids --no-listing --highlightsyntax --public-path https://s10e.de --qr";
|
||||||
|
|
73
schrottserver/penpot.nix
Normal file
73
schrottserver/penpot.nix
Normal file
|
@ -0,0 +1,73 @@
|
||||||
|
{ pkgs, inputs, ... }:
|
||||||
|
{
|
||||||
|
imports = [ inputs.arion.nixosModules.arion ];
|
||||||
|
virtualisation.docker.enable = true;
|
||||||
|
virtualisation.arion = {
|
||||||
|
backend = "docker";
|
||||||
|
projects.penpot.settings = {
|
||||||
|
networks.penpot.name = "penpot";
|
||||||
|
services = {
|
||||||
|
"penpot-backend".service = {
|
||||||
|
image = "penpotapp/backend:latest";
|
||||||
|
volumes = [ "/penpot_assets:/opt/data/assets" ];
|
||||||
|
restart = "always";
|
||||||
|
depends_on = [ "penpot-postgres" "penpot-redis" ];
|
||||||
|
networks = [ "penpot" ];
|
||||||
|
environment = {
|
||||||
|
"PENPOT_FLAGS" = "enable-registration enable-login-with-password disable-email-verification enable-smtp enable-prepl-server";
|
||||||
|
"PENPOT_PUBLIC_URI" = "https://pp.schrottkatze.de";
|
||||||
|
"PENPOT_DATABASE_URI" = "postgresql://penpot-postgres/penpot";
|
||||||
|
"PENPOT_DATABASE_USERNAME" = "penpot";
|
||||||
|
"PENPOT_DATABASE_PASSWORD" = "penpot"; "PENPOT_REDIS_URI" = "redis://penpot-redis/0";
|
||||||
|
"PENPOT_ASSETS_STORAGE_BACKEND" = "assets-fs";
|
||||||
|
"PENPOT_STORAGE_ASSETS_FS_DIRECTORY" = "/opt/data/assets";
|
||||||
|
"PENPOT_TELEMETRY_ENABLED" = "false";
|
||||||
|
"PENPOT_SMTP_DEFAULT_FROM" = "noreply-pp@schrottkatze.de";
|
||||||
|
"PENPOT_SMTP_DEFAULT_REPLY_TO" = "noreply-pp@schrottkatze.de";
|
||||||
|
"PENPOT_SMTP_HOST" = "smtp.migadu.com";
|
||||||
|
"PENPOT_SMTP_PORT" = "465";
|
||||||
|
"PENPOT_SMTP_USERNAME" = "noreply-pp@schrottkatze.de";
|
||||||
|
"PENPOT_SMTP_PASSWORD" = builtins.readFile ../secret-data/penpot-smtp-pass;
|
||||||
|
"PENPOT_SMTP_TLS" = "true";
|
||||||
|
"PENPOT_SMTP_SSL" = "false";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"penpot-frontend".service = {
|
||||||
|
image = "penpotapp/frontend:latest";
|
||||||
|
restart = "always";
|
||||||
|
ports = [ "9001:80" ];
|
||||||
|
volumes = [ "/penpot_assets:/opt/data/assets" ];
|
||||||
|
depends_on = [ "penpot-backend" "penpot-exporter" ];
|
||||||
|
networks = [ "penpot" ];
|
||||||
|
};
|
||||||
|
"penpot-exporter".service = {
|
||||||
|
image = "penpotapp/exporter:latest";
|
||||||
|
restart = "always";
|
||||||
|
networks = [ "penpot" ];
|
||||||
|
environment = {
|
||||||
|
"PENPOT_PUBLIC_URI" = "http://penpot-frontend";
|
||||||
|
"PENPOT_REDIS_URI" = "redis://penpot-redis/0";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"penpot-postgres".service = {
|
||||||
|
image = "postgres:15";
|
||||||
|
restart = "always";
|
||||||
|
stop_signal = "SIGINT";
|
||||||
|
volumes = [ "/penpot_postgres_v15:/var/lib/postgresql/data" ];
|
||||||
|
networks = [ "penpot" ];
|
||||||
|
environment = {
|
||||||
|
"POSTGRES_INITDB_ARGS" = "--data-checksums";
|
||||||
|
"POSTGRES_DB" = "penpot";
|
||||||
|
"POSTGRES_USER" = "penpot";
|
||||||
|
"POSTGRES_PASSWORD" = "penpot";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"penpot-redis".service = {
|
||||||
|
image = "redis:7";
|
||||||
|
restart = "always";
|
||||||
|
networks = [ "penpot" ];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -24,6 +24,10 @@
|
||||||
group = "nginx";
|
group = "nginx";
|
||||||
keyType = "rsa2048";
|
keyType = "rsa2048";
|
||||||
};
|
};
|
||||||
|
"pp.schrottkatze.de" = {
|
||||||
|
group = "nginx";
|
||||||
|
keyType = "rsa2048";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -63,6 +67,13 @@
|
||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
};
|
};
|
||||||
|
"pp.schrottkatze.de" = {
|
||||||
|
forceSSL = true;
|
||||||
|
enableACME = true;
|
||||||
|
locations."/" = {
|
||||||
|
proxyPass = "http://localhost:9001";
|
||||||
|
};
|
||||||
|
};
|
||||||
"s10e.de" = {
|
"s10e.de" = {
|
||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
|
|
BIN
secret-data/penpot-smtp-pass
Normal file
BIN
secret-data/penpot-smtp-pass
Normal file
Binary file not shown.
Loading…
Reference in a new issue