WIP: Firefly-iii. Missing auth with Authentik

2025-05-05 22:46:49 +02:00 · 2025-05-05 22:46:49 +02:00 · 952a3da61d
commit 952a3da61d
parent 8174cc5756
9 changed files with 252 additions and 0 deletions
--- a/hosts/caddy/default.nix
+++ b/hosts/caddy/default.nix
@ -55,6 +55,12 @@ in
        };
      };

+      firefly-iii.proxy = {
+        enable = true;
+        domain = p.domains.public;
+        host = p.hosts.firefly-iii;
+      };
+
      immich.proxy = {
        enable = true;
        domain = p.domains.public;
--- a/hosts/default.nix
+++ b/hosts/default.nix
@ -233,6 +233,16 @@ in
    # specialArgs = { };
  };

+  firefly-iii = nixpkgs.lib.nixosSystem {
+    pkgs = pkgs "x86_64-linux";
+    modules = [
+      myModules
+      proxmoxModule
+      ./firefly-iii
+      agenix.nixosModules.default
+    ];
+    # specialArgs = { };
+  };

  open-webui = nixpkgs-unstable.lib.nixosSystem {
    pkgs = pkgs-unstable "x86_64-linux";
@ -255,4 +265,5 @@ in
    ];
    # specialArgs = { };
  };
+
 }
--- a/hosts/deployments.nix
+++ b/hosts/deployments.nix
@ -34,6 +34,7 @@ in
      "portainer"
      "vaultwarden"
      "immich"
+      "firefly-iii"
      "paperless"
    ];
  };
@ -136,6 +137,15 @@ in
    ];
  };

+  firefly-iii.deployment = {
+    targetHost = hosts.firefly-iii;
+    tags = [
+      "lxc"
+      "bacco"
+      "firefly-iii"
+    ];
+  };
+
  open-webui.deployment = {
    targetHost = hosts.open-webui;
    tags = [
--- a/hosts/firefly-iii/default.nix
+++ b/hosts/firefly-iii/default.nix
@ -0,0 +1,41 @@
+{
+  config,
+  pkgs,
+  lib,
+  ...
+}:
+{
+
+  age.secrets = {
+    firefly-iii-app-key = {
+      file = ../../secrets/firefly-iii-app-key.age;
+      owner = config.services.firefly-iii.user;
+      group = config.services.firefly-iii.group;
+    };
+    firefly-iii-mailgun-key = {
+      file = ../../secrets/firefly-iii-mailgun-key.age;
+      owner = config.services.firefly-iii.user;
+      group = config.services.firefly-iii.group;
+    };
+  };
+
+  my = {
+    utils = {
+      commons.enable = true;
+      lxc-standard.enable = true;
+    };
+
+    services.firefly-iii = {
+      enable = true;
+      accessToken = config.age.secrets.firefly-iii-app-key.path;
+      mailgun_key = config.age.secrets.firefly-iii-mailgun-key.path;
+    };
+
+    virtualisation.proxmox.enable = true;
+  };
+
+  # Extra packages
+  environment.systemPackages = with pkgs; [ ];
+
+  system.stateVersion = "24.11";
+}
--- a/hosts/parameters.nix
+++ b/hosts/parameters.nix
@ -17,6 +17,7 @@
    shadowsocks = "shadowsocks.internal";
    librechat = "librechat.internal";
    immich = "immich.internal";
+    firefly-iii = "firefly-iii.internal";
    open-webui = "open-webui.home";
    paperless = "paperless.internal";
  };