wo2w/nixos-config
1
0
Fork 0
Code Issues Pull requests Activity

zipline: remove

Browse source 
for real now, i have decided to just use nextcloud (this also means no more pgsql unless i want it)
This commit is contained in:
wo2wz 2025-11-18 12:31:58 -05:00
parent e5ed8478a5
commit 03b76a5e04
5 changed files with 2 additions and 80 deletions
Download patch file Download diff file Expand all files Collapse all files

1
modules/nixos/services/homeserver/default.nix
View file

@ -14,6 +14,5 @@
./uptime-kuma.nix
./vaultwarden.nix
./zed.nix
./zipline.nix
];
}

17
modules/nixos/services/homeserver/kanidm.nix
View file

@ -16,10 +16,6 @@
owner = "kanidm";
group = "kanidm";
};
"kanidm/oauth2/zipline" = {
owner = "kanidm";
group = "kanidm";
};
};
users.groups.tls-kanidm.members = [ "caddy" "kanidm" ];
@ -79,7 +75,6 @@
"grafana_users"
"jellyfin_users"
"nextcloud_users"
"zipline_users"
"grafana_admins"
"jellyfin_admins"
@ -90,7 +85,6 @@
grafana_users = {};
jellyfin_users = {};
nextcloud_users = {};
zipline_users = {};
grafana_admins.members = [ "grafana_users" ];
jellyfin_admins.members = [ "jellyfin_users" ];
@ -128,17 +122,6 @@
basicSecretFile = config.sops.secrets."kanidm/oauth2/nextcloud".path;
scopeMaps.nextcloud_users = [ "openid" "profile" ];
};
zipline = {
displayName = "Zipline";
originUrl = "https://zipline.wo2wz.fyi/api/auth/oauth/oidc";
originLanding = "https://zipline.wo2wz.fyi";
preferShortUsername = true;
allowInsecureClientDisablePkce = true;
basicSecretFile = config.sops.secrets."kanidm/oauth2/zipline".path;
scopeMaps.zipline_users = [ "openid" "profile" "email" "offline_access" ];
};
};
};

5
modules/nixos/services/homeserver/restic.nix
View file

@ -15,7 +15,6 @@
SQLITE_PATH=${lib.getExe pkgs.sqlite}
SUDO_PATH=${lib.getExe pkgs.sudo}
PGDUMP_PATH=${lib.getExe' pkgs.postgresql "pg_dump"}
if [ ! -d $DB_BACKUP_DIR ]; then
mkdir -p -m 600 $DB_BACKUP_DIR
@ -31,10 +30,6 @@
$SQLITE_PATH /var/lib/jellyfin/data/jellyfin.db ".backup $DB_BACKUP_DIR/jellyfin.db"
$SQLITE_PATH /var/lib/jellyfin/data/library.db ".backup $DB_BACKUP_DIR/jellyfin-library.db"
$SQLITE_PATH /var/lib/grafana/data/grafana.db ".backup $DB_BACKUP_DIR/grafana.db"
$SUDO_PATH -u onlyoffice -- $PGDUMP_PATH > $DB_BACKUP_DIR/dump-onlyoffice
$SUDO_PATH -u zipline -- $PGDUMP_PATH > $DB_BACKUP_DIR/dump-zipline
$SUDO_PATH -u postgres -- ${lib.getExe' pkgs.postgresql "pg_dumpall"} -g > $DB_BACKUP_DIR/dump-globals
'';
serviceConfig.Type = "oneshot";
};

52
modules/nixos/services/homeserver/zipline.nix
View file

@ -1,52 +0,0 @@
{ config, ... }:
{
sops.secrets."zipline/secrets.env".restartUnits = [ "zipline.service" ];
services.caddy.virtualHosts."zipline.wo2wz.fyi".extraConfig =
assert config.services.caddy.enable;
''
import default-settings
import cloudflare-tls
reverse_proxy localhost:${toString config.services.zipline.settings.CORE_PORT}
'';
users.users.zipline = {
group = "zipline";
isSystemUser = true;
};
users.groups.zipline = {};
services.zipline = {
enable = true;
settings = {
CORE_DEFAULT_DOMAIN = "zipline.wo2wz.fyi";
CORE_PORT = 8001;
CORE_TRUST_PROXY = "true";
CORE_RETURN_HTTPS_URLS = "true";
DATASOURCE_LOCAL_DIRECTORY = "/mnt/external/storage/zipline/uploads";
FEATURES_VERSION_CHECKING = "false";
FEATURES_THUMBNAILS_NUM_THREADS = 2;
FEATURES_ROBOTS_TXT = "false";
INVITES_ENABLED = "false";
MFA_TOTP_ENABLED = "true";
MFA_PASSKEYS = "true";
FEATURES_OAUTH_REGISTRATION = "true";
OAUTH_BYPASS_LOCAL_LOGIN = "true";
OAUTH_OIDC_CLIENT_ID = "zipline";
OAUTH_OIDC_AUTHORIZE_URL = "https://kanidm.wo2wz.fyi/ui/oauth2";
OAUTH_OIDC_USERINFO_URL = "https://kanidm.wo2wz.fyi/oauth2/openid/zipline/userinfo";
OAUTH_OIDC_TOKEN_URL = "https://kanidm.wo2wz.fyi/oauth2/token";
FILES_MAX_FILE_SIZE = "3091283091716487142128741263894122347014687124687124614791824619246129491246128461841279468127468912461924612974182746182468712468126487912648126481256487126491672941974612945618274610289417846192849712471eb";
FILES_ASSUME_MIMETYPES = "true";
FILES_REMOVE_GPS_METADATA = "true";
};
environmentFiles = [ config.sops.secrets."zipline/secrets.env".path ];
};
}