# docker run --rm -it \
# -p 8000:8000 \
# -e "KELLNR_ORIGIN__HOSTNAME=kellnr.example.com" \
# -v $(pwd):/opt/kdata ghcr.io/kellnr/kellnr:5
# E.g. docker run -v /path/to/config.toml:/usr/local/cargo/config.toml:ro ghcr.io/kellnr/kellnr:5.2.4

# NixOS module: runs the kellnr crate registry as a Docker-backed OCI
# container, feeds it its admin credentials through a sops-nix template, and
# publishes it through a Caddy virtual host.
{config, ...}: let
  # Host-side port that Caddy proxies to; the container listens on 8000.
  port = 8899;
  domain = "crates.darksailor.dev";
  # Published on loopback only, so the registry is reachable from other
  # machines solely through the Caddy virtual host below.
  loopbackBind = "127.0.0.1:${toString port}";
  # sops-nix substitutes the placeholders when it renders this template at
  # activation time, so the plaintext values are not written to the Nix store.
  secretEnv = config.sops.templates."kellnr.env";
in {
  sops.secrets."kellnr/password" = {};
  sops.secrets."kellnr/token" = {};
  # NOTE(review): by their names these seed the admin account's password and
  # token; confirm against the kellnr documentation.
  sops.templates."kellnr.env".content = ''
    KELLNR_SETUP__ADMIN_PWD=${config.sops.placeholder."kellnr/password"}
    KELLNR_SETUP__ADMIN_TOKEN=${config.sops.placeholder."kellnr/token"}
  '';

  virtualisation.oci-containers.backend = "docker";
  virtualisation.oci-containers.containers.kellnr = {
    # NOTE(review): ":5" is a mutable tag, so the image content can change
    # between pulls. Pinning by digest makes the deployed image reproducible,
    # e.g. "ghcr.io/kellnr/kellnr@sha256:<DIGEST-PLACEHOLDER>".
    image = "ghcr.io/kellnr/kellnr:5";
    ports = ["${loopbackBind}:8000"];
    volumes = ["/var/lib/kellnr:/opt/kdata"];
    # Values set here are part of the evaluated configuration and end up in
    # the Nix store; only non-secret settings belong in this attrset.
    environment = {
      KELLNR_DOCS__ENABLED = "true";
      KELLNR_ORIGIN__HOSTNAME = domain;
      KELLNR_ORIGIN__PORT = "443";
      KELLNR_ORIGIN__PROTOCOL = "https";
    };
    # The credentials reach the container through the rendered template file.
    environmentFiles = [secretEnv.path];
  };

  # NOTE(review): the "import auth" line is commented out and the authelia
  # rule below is disabled, so Caddy forwards every request as-is and access
  # control rests on kellnr's own authentication. Confirm this is intended.
  services.caddy.virtualHosts.${domain}.extraConfig = ''
    # import auth
    reverse_proxy localhost:${toString port}
  '';

  # services.authelia = {
  #   instances.darksailor = {
  #     settings = {
  #       access_control = {
  #         rules = [
  #           {
  #             inherit domain;
  #             policy = "one_factor";
  #           }
  #         ];
  #       };
  #     };
  #   };
  # };
}