wiro.world / dotfiles
yep, more dotfiles
fork atom

server: add archive-warrior

wiro.world 23c29bc7 24025de9

verified
+16 -2
+16 -2
nixos/profiles/server.nix
··· 73 73 matrix-port = 3009; 74 74 matrix-hostname = "matrix.wiro.world"; 75 75 76 + warrior-port = 3010; 77 + warrior-hostname = "warrior.wiro.world"; 78 + 76 79 prometheus-port = 9001; 77 80 prometheus-node-exporter-port = 9002; 78 81 headscale-metrics-port = 9003; ··· 234 237 virtualHosts.${matrix-hostname}.extraConfig = '' 235 238 reverse_proxy /_matrix/* http://localhost:${toString matrix-port} 236 239 ''; 240 + 241 + virtualHosts.${warrior-hostname}.extraConfig = '' 242 + forward_auth localhost:${toString authelia-port} { 243 + uri /api/authz/forward-auth 244 + } 245 + reverse_proxy http://localhost:${toString warrior-port} 246 + ''; 237 247 }; 238 248 239 249 age.secrets.pds-env.file = ../../secrets/pds-env.age; ··· 438 448 ]; 439 449 }; 440 450 441 - 442 451 identity_providers.oidc = { 443 452 # enforce_pkce = "always"; 444 453 clients = [ ··· 458 467 } 459 468 ]; 460 469 }; 461 - 462 470 463 471 notifier.smtp = { 464 472 address = "smtp://smtp.resend.com:2587"; ··· 491 499 allow_registration = true; 492 500 registration_token_file = config.age.secrets.tuwunel-registration-tokens.path; 493 501 }; 502 + }; 503 + 504 + virtualisation.oci-containers.containers.archive-warrior = { 505 + image = "atdr.meo.ws/archiveteam/warrior-dockerfile"; 506 + ports = [ "127.0.0.1:${toString warrior-port}:8001" ]; 507 + pull = "newer"; 494 508 }; 495 509 }; 496 510 }