diff --git a/configuration.nix b/configuration.nix index 90ba2da..3402e17 100644 --- a/configuration.nix +++ b/configuration.nix @@ -6,10 +6,14 @@ in imports = [ ./hardware-configuration.nix ./firewall.nix + (import ./acme.nix { inherit base-domain; }) (import ./nginx.nix { inherit base-domain; }) - (import ./sourcehut.nix { inherit base-domain; }) ./postgresql.nix + + (import ./sourcehut.nix { inherit base-domain; }) + (import ./docspell.nix { inherit base-domain; }) + ./userprogs.nix ]; diff --git a/docspell.nix b/docspell.nix new file mode 100644 index 0000000..7cd2667 --- /dev/null +++ b/docspell.nix @@ -0,0 +1,43 @@ +{ base-domain, ... }: +let + fqdn = "docspell.${base-domain}"; +in +{ + services.docspell-joex = { + enable = true; + base-url = "http://localhost:7878"; + bind = { + address = "0.0.0.0"; + port = "7878"; + }; + scheduler.pool-size = 1; + jdbc = { + url = "jdbc:postgresql://localhost:5432/docspell"; + user = "docspell"; + paswword = "docspell"; + }; + }; + services.docspell-restserver = { + enable = true; + base-url = "https://${fqdn}"; + bind = { + address = "0.0.0.0"; + port = 443; + }; + auth = { + server-secret = "b64:lv56LIyZmaXTdlhvFBVpoNHt2BTQBgHpb7lwl1gyOG9MuvWKhSi91h84P15QIXirfYPSVV/R1aoTifSO688dWQ=="; + }; + backend = { + signup = { + mode = "invite"; + new-invite-password = "asunarovow"; + invite-time = "30 days"; + }; + jdbc = { + url = "jdbc:postgresql://localhost:5432/docspell"; + user = "docspell"; + paswword = "docspell"; + }; + }; + }; +} diff --git a/flake.lock b/flake.lock index 39160dd..2140a8f 100644 --- a/flake.lock +++ b/flake.lock @@ -1,6 +1,99 @@ { "nodes": { + "devshell-tools": { + "inputs": { + "flake-utils": "flake-utils", + "nixpkgs": "nixpkgs" + }, + "locked": { + "lastModified": 1723456550, + "narHash": "sha256-7QRLuQAtNpKqXdXZ6/cGdFU3yAyZkuXm3NBb0WRVvRc=", + "owner": "eikek", + "repo": "devshell-tools", + "rev": "09f6239a67b648a8b777ce4da6712d6600138f5e", + "type": "github" + }, + "original": { + "owner": "eikek", + "repo": "devshell-tools", + "type": "github" + } + }, + "docspell": { + "inputs": { + "devshell-tools": "devshell-tools", + "flake-utils": "flake-utils_2", + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1723984313, + "narHash": "sha256-Jc1772Z1LzyvSilg/G1Fi4w/YZTnQBSPl4YfRfl6d5g=", + "owner": "eikek", + "repo": "docspell", + "rev": "8c64a5080ee604b51bde230fc01b0ad9e05d3e2f", + "type": "github" + }, + "original": { + "owner": "eikek", + "repo": "docspell", + "type": "github" + } + }, + "flake-utils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1710146030, + "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_2": { + "inputs": { + "systems": "systems_2" + }, + "locked": { + "lastModified": 1710146030, + "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, "nixpkgs": { + "locked": { + "lastModified": 1721548954, + "narHash": "sha256-7cCC8+Tdq1+3OPyc3+gVo9dzUNkNIQfwSDJ2HSi2u3o=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "63d37ccd2d178d54e7fb691d7ec76000740ea24a", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-24.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { "locked": { "lastModified": 1724242322, "narHash": "sha256-HMpK7hNjhEk4z5SFg5UtxEio9OWFocHdaQzCfW1pE7w=", @@ -18,7 +111,38 @@ }, "root": { "inputs": { - "nixpkgs": "nixpkgs" + "docspell": "docspell", + "nixpkgs": "nixpkgs_2" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_2": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" } } }, diff --git a/flake.nix b/flake.nix index 766ff5a..b911d0b 100644 --- a/flake.nix +++ b/flake.nix @@ -1,13 +1,20 @@ { description = "quasar system configuration"; - inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05"; + inputs = { + nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05"; + docspell = { + url = "github:eikek/docspell"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + }; - outputs = { self, nixpkgs, ... }: { + outputs = { self, nixpkgs, docspell, ... }: { nixosConfigurations.quasar = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; modules = [ ./configuration.nix + docspell.nixosModules.default ]; }; };