patrick/nix-config
1
1
Fork 0
Code Issues Pull requests Projects Wiki Activity
nix-config/config/services/firefly.nix
Patrick 44d265ecdb
reformat
2024-07-26 22:12:48 +02:00

39 lines
1.1 KiB
Nix
Raw Blame History

{ config, nodes, ... }:
{
i18n.supportedLocales = [ "all" ];
wireguard.elisabeth = {
client.via = "elisabeth";
firewallRuleForNode.elisabeth.allowedTCPPorts = [ 80 ];
};
age.secrets.appKey = {
generator.script = _: ''
echo "base64:$(head -c 32 /dev/urandom | base64)"
'';
owner = "firefly-iii";
};
services.firefly-iii = {
enable = true;
enableNginx = true;
virtualHost = "money.${config.secrets.secrets.global.domains.web}";
settings = {
APP_URL = "https://money.${config.secrets.secrets.global.domains.web}";
TZ = "Europe/Berlin";
TRUSTED_PROXIES = nodes.elisabeth.config.wireguard.elisabeth.ipv4;
SITE_OWNER = "firefly-admin@${config.secrets.secrets.global.domains.mail_public}";
APP_KEY_FILE = config.age.secrets.appKey.path;
AUTHENTICATION_GUARD = "remote_user_guard";
AUTHENTICATION_GUARD_HEADER = "X-User";
AUTHENTICATION_GUARD_EMAIL = "X-Email";
};
};
environment.persistence."/persist".directories = [
{
directory = "/var/lib/firefly-iii";
user = "firefly-iii";
}
];
}
Reference in a new issue View git blame Copy permalink