nix-config/config/services/firefly.nix

{
  config,
  nodes,
  globals,
  ...
}:
{
  i18n.supportedLocales = [ "all" ];
  wireguard.services = {
    client.via = "nucnix";
    firewallRuleForNode.nucnix-nginx.allowedTCPPorts = [ 80 ];
  };

  age.secrets.appKey = {
    generator.script = _: ''
      echo "base64:$(head -c 32 /dev/urandom | base64)"
    '';
    owner = "firefly-iii";
  };

  services.firefly-iii = {
    enable = true;
    enableNginx = true;
    virtualHost = globals.services.firefly.domain;
    settings = {
      APP_URL = "https://${globals.services.firefly.domain}";
      TZ = "Europe/Berlin";
      TRUSTED_PROXIES = nodes.nucnix-nginx.config.wireguard.services.ipv4;
      SITE_OWNER = "firefly-admin@${globals.domains.mail_public}";
      APP_KEY_FILE = config.age.secrets.appKey.path;
      AUTHENTICATION_GUARD = "remote_user_guard";
      AUTHENTICATION_GUARD_HEADER = "X-User";
      AUTHENTICATION_GUARD_EMAIL = "X-Email";
    };
  };

  environment.persistence."/persist".directories = [
    {
      directory = "/var/lib/firefly-iii";
      user = "firefly-iii";
    }
  ];
}
feat: globals feat: more vlan config 2024-12-20 20:40:27 +01:00			`{`
			`config,`
			`nodes,`
			`globals,`
			`...`
			`}:`
feat: firefly working 2024-04-05 13:31:30 +02:00			`{`
reformat 2024-07-26 22:12:48 +02:00			`i18n.supportedLocales = [ "all" ];`
feat: globals feat: more vlan config 2024-12-20 20:40:27 +01:00			`wireguard.services = {`
			`client.via = "nucnix";`
			`firewallRuleForNode.nucnix-nginx.allowedTCPPorts = [ 80 ];`
WIP: firefly-iii 2024-04-02 21:57:59 +02:00			`};`

feat: netbird/firefly upstream 2024-04-24 01:00:57 +02:00			`age.secrets.appKey = {`
			`generator.script = _: ''`
			`echo "base64:$(head -c 32 /dev/urandom \| base64)"`
			`'';`
			`owner = "firefly-iii";`
			`};`

WIP: firefly-iii 2024-04-02 21:57:59 +02:00			`services.firefly-iii = {`
			`enable = true;`
feat: netbird/firefly upstream 2024-04-24 01:00:57 +02:00			`enableNginx = true;`
feat: globals feat: more vlan config 2024-12-20 20:40:27 +01:00			`virtualHost = globals.services.firefly.domain;`
WIP: firefly-iii 2024-04-02 21:57:59 +02:00			`settings = {`
feat: globals feat: more vlan config 2024-12-20 20:40:27 +01:00			`APP_URL = "https://${globals.services.firefly.domain}";`
WIP: firefly-iii 2024-04-02 21:57:59 +02:00			`TZ = "Europe/Berlin";`
feat: globals feat: more vlan config 2024-12-20 20:40:27 +01:00			`TRUSTED_PROXIES = nodes.nucnix-nginx.config.wireguard.services.ipv4;`
			`SITE_OWNER = "firefly-admin@${globals.domains.mail_public}";`
feat: netbird/firefly upstream 2024-04-24 01:00:57 +02:00			`APP_KEY_FILE = config.age.secrets.appKey.path;`
feat: firefly remote user auth 2024-05-24 22:03:14 +02:00			`AUTHENTICATION_GUARD = "remote_user_guard";`
			`AUTHENTICATION_GUARD_HEADER = "X-User";`
			`AUTHENTICATION_GUARD_EMAIL = "X-Email";`
WIP: firefly-iii 2024-04-02 21:57:59 +02:00			`};`
			`};`
chore: firefly impermanence 2024-04-05 15:07:54 +02:00
			`environment.persistence."/persist".directories = [`
			`{`
			`directory = "/var/lib/firefly-iii";`
update 2024-04-05 21:54:41 +02:00			`user = "firefly-iii";`
chore: firefly impermanence 2024-04-05 15:07:54 +02:00			`}`
			`];`
WIP: firefly-iii 2024-04-02 21:57:59 +02:00			`}`