xin/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

weilite/webdav: init

Browse source
This commit is contained in:
xinyangli 2025-04-06 22:21:16 +08:00
parent ea47988011
commit 1c01174df4
No known key found for this signature in database
4 changed files with 47 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

7
machines/weilite/default.nix
View file

@ -102,6 +102,13 @@
type = "virtiofs"; type = "virtiofs";
options = "rw,nodev,nosuid"; options = "rw,nodev,nosuid";
} }
{
what = "originals";
where = "/mnt/photos/xin/originals";
type = "virtiofs";
options = "rw,nodev,nosuid";
wantedBy = [ "immich-server.service" ];
}
{ {
what = "/mnt/nixos/ocis"; what = "/mnt/nixos/ocis";
where = "/var/lib/ocis"; where = "/var/lib/ocis";

1
machines/weilite/services/default.nix
View file

@ -7,5 +7,6 @@
./immich.nix ./immich.nix
./jellyfin.nix ./jellyfin.nix
./transmission.nix ./transmission.nix
./webdav.nix
]; ];
} }

14
machines/weilite/services/immich.nix
View file

@ -86,16 +86,6 @@ in
''; '';
}; };
systemd.mounts = [
{
what = "originals";
where = "/mnt/immich/external-library/xin";
type = "virtiofs";
options = "ro,nodev,nosuid";
wantedBy = [ "immich-server.service" ];
}
];
systemd.timers.immich-auto-stack = { systemd.timers.immich-auto-stack = {
enable = true; enable = true;
wantedBy = [ "immich-server.service" ]; wantedBy = [ "immich-server.service" ];
@ -135,8 +125,8 @@ in
systemd.services.immich-server = { systemd.services.immich-server = {
serviceConfig = { serviceConfig = {
ReadWritePaths = [ BindReadOnlyPaths = [
"/mnt/immich/external-library/xin" "/mnt/photos/xin/originals:/mnt/immich/external-library/xin"
]; ];
Environment = "IMMICH_CONFIG_FILE=${config.sops.templates."immich/config.json".path}"; Environment = "IMMICH_CONFIG_FILE=${config.sops.templates."immich/config.json".path}";
}; };

37
machines/weilite/services/webdav.nix Normal file
View file

@ -0,0 +1,37 @@
{ config, ... }:
{
sops.secrets = {
"webdav/photosync/password" = { };
};
sops.templates."webdav.env" = {
content = ''
PHOTOSYNC_PASSWORD=${config.sops.placeholder."webdav/photosync/password"}
'';
};
services.webdav = {
enable = true;
settings = {
permissions = "RC";
behindProxy = true;
users = [
{
username = "photosync";
password = "{ENV}PHOTOSYNC_PASSWORD";
}
];
};
environmentFile = config.sops.templates."webdav.env".path;
};
systemd.services.webdav.serviceConfig = {
BindReadOnlyPaths = [
"/mnt/photos/xin/originals:%t/webdav/photosync"
];
RuntimeDirectory = "webdav";
WorkingDirectory = "%t/webdav";
};
}