oauth for zipline

fmt
add zipline
2025-02-13 22:40:30 -05:00 · 2025-02-13 21:50:19 -05:00 · 2025-02-13 21:49:52 -05:00 · 2025-02-13 21:49:45 -05:00
11 changed files with 120 additions and 11 deletions
--- a/.sops.yaml
+++ b/.sops.yaml
@ -113,3 +113,8 @@ creation_rules:
      - age:
          - *yt
          - *cy
+  - path_regex: secrets/services/zipline.yaml
+    key_groups:
+      - age:
+          - *chunk
+          - *cy
--- a/flake.lock
+++ b/flake.lock
@ -1,5 +1,21 @@
 {
  "nodes": {
+    "anki": {
+      "locked": {
+        "lastModified": 1739471491,
+        "narHash": "sha256-ZCKWgsNqKWkVOAQFaFSmK3EN/uDdamNOcSItzvooWYs=",
+        "owner": "cything",
+        "repo": "nixpkgs",
+        "rev": "1562f5286858b3c1e5ea7e60f4bf6b3578519248",
+        "type": "github"
+      },
+      "original": {
+        "owner": "cything",
+        "repo": "nixpkgs",
+        "rev": "1562f5286858b3c1e5ea7e60f4bf6b3578519248",
+        "type": "github"
+      }
+    },
    "attic": {
      "inputs": {
        "crane": "crane",
@ -1265,6 +1281,7 @@
    },
    "root": {
      "inputs": {
+        "anki": "anki",
        "conduwuit": "conduwuit",
        "crane": "crane_2",
        "disko": "disko",
--- a/flake.nix
+++ b/flake.nix
@ -100,6 +100,9 @@
    flake-utils.url = "github:numtide/flake-utils";
    crane.url = "github:ipetkov/crane";
    flake-compat.url = "github:edolstra/flake-compat";
+
+    # unmerged PRs
+    anki.url = "github:cything/nixpkgs/1562f5286858b3c1e5ea7e60f4bf6b3578519248";
  };

  nixConfig = {
--- a/home/codium.nix
+++ b/home/codium.nix
@ -7,16 +7,19 @@
    enableExtensionUpdateCheck = false;
    mutableExtensionsDir = false;
    extensions =
-      (with pkgs.open-vsx; [
-        vscodevim.vim
-        jnoortheen.nix-ide
-        editorconfig.editorconfig
-        github.github-vscode-theme
-        rust-lang.rust-analyzer
-      ])
-      ++ (with pkgs.vscode-marketplace; [
-        github.codespaces
-      ]);
+      # if unfree
+      # (with pkgs.vscode-marketplace; [
+      (
+        with pkgs.open-vsx;
+        [
+          vscodevim.vim
+          jnoortheen.nix-ide
+          editorconfig.editorconfig
+          github.github-vscode-theme
+          rust-lang.rust-analyzer
+          shd101wyy.markdown-preview-enhanced
+        ]
+      );
    userSettings = {
      "workbench.colorTheme" = "GitHub Dark Default";
      "files.autoSave" = "afterDelay";
--- a/hosts/chunk/default.nix
+++ b/hosts/chunk/default.nix
@ -72,6 +72,9 @@
    "tailscale/auth" = {
      sopsFile = ../../secrets/services/tailscale.yaml;
    };
+    "zipline/env" = {
+      sopsFile = ../../secrets/services/zipline.yaml;
+    };
  };

  boot = {
@ -207,4 +210,5 @@
  environment.enableAllTerminfo = true;

  my.roundcube.enable = true;
+  my.zipline.enable = true;
 }
--- a/hosts/chunk/garage.nix
+++ b/hosts/chunk/garage.nix
@ -8,7 +8,7 @@
      s3_api = {
        s3_region = "earth";
        api_bind_addr = "[::]:3900";
-        root_domain = ".s3.cy7.sh";
+        root_domain = "s3.cy7.sh";
      };
      s3_web = {
        bind_addr = "[::]:3902";
--- a/hosts/ytnix/default.nix
+++ b/hosts/ytnix/default.nix
@ -402,4 +402,9 @@
    enable = true;
    enableQt5Integration = true;
  };
+
+  programs.appimage = {
+    enable = true;
+    binfmt = true;
+  };
 }
--- a/modules/default.nix
+++ b/modules/default.nix
@ -4,5 +4,6 @@
    ./backup.nix
    ./caddy.nix
    ./roundcube.nix
+    ./zipline.nix
  ];
 }
--- a/modules/zipline.nix
+++ b/modules/zipline.nix
@ -0,0 +1,39 @@
+{
+  config,
+  lib,
+  ...
+}:
+let
+  cfg = config.my.zipline;
+in
+{
+  options.my.zipline = {
+    enable = lib.mkEnableOption "zipline";
+  };
+
+  config = lib.mkIf cfg.enable {
+    services.zipline = {
+      enable = true;
+      settings = {
+        CORE_PORT = 3001;
+        DATASOURCE_TYPE = "s3";
+        DATASOURCE_S3_ENDPOINT = "e3e97aac307d106a7becea43cef8fcbd.r2.cloudflarestorage.com";
+        DATASOURCE_S3_BUCKET = "zipline";
+        DATASOURCE_S3_REGION = "auto";
+        DATASOURCE_S3_USE_SSL = "true";
+        DATASOURCE_S3_FORCE_S3_PATH = "false";
+        FEATURES_THUMBNAILS = "true";
+        EXIF_REMOVE_GPS = "true";
+        CHUNKS_CHUNKS_SIZE = "50mb";
+        CHUNKS_MAX_SIZE = "95mb";
+        FEATURES_OAUTH_REGISTRATION = "true";
+      };
+      environmentFiles = [ config.sops.secrets."zipline/env".path ];
+    };
+
+    services.caddy.virtualHosts."host.cy7.sh".extraConfig = ''
+      import common
+      reverse_proxy 127.0.0.1:3001
+    '';
+  };
+}
--- a/overlay/default.nix
+++ b/overlay/default.nix
@ -20,6 +20,7 @@ importedOverlays
      lldb = pkgFrom stable "lldb";
      calibre = pkgFrom stable "calibre";
      nil = inputs.nil.packages.${prev.system}.nil;
+      anki = pkgFrom inputs.anki "anki-bin";
    }
  )
 ]
--- a/secrets/services/zipline.yaml
+++ b/secrets/services/zipline.yaml
@ -0,0 +1,31 @@
+zipline:
+    env: ENC[AES256_GCM,data:lsR/+bET/C7ssik0xv5IBITT+KEnoyqNjSZ9jvkkb7lmNAQzow6dCm1nprfimiJC0EF2LyiEPm0wchdtrLTNEtUkJWkworEJXeWGrGGbHgZW0/HC1BSERqlLmZTPyLWkhsl3rObvuhRoTKlUN5EMwtK8x06aOX6PcxLdwVjps7UxkBXej712IcKPvHVSJIQMvVHP2lqSppJc+sEMt4u3Vnf1ZYGsQS3bWnI7w40sOdGR8LGBadfmWwIj0/3XTaG7S7Lhi4AOFGZtpdyOmxxIH3Vd5qesfiqPHm0nTmu/JxPftYm+F/hDnbJHrbg7cNVlJahDFtQp8QdlVvdMU3ccNptpRXGWIwFOz3JtuzDo7pxkYRqO2dKqYbKhOknrMW0PYuB48XEKj3e4Q+T8tUhFTsOHfqT0J8ati26dQaUO5wvw22o=,iv:QeR8fU9bRVO5OuqjbEeiC1vihbLxrNgnR0k0K/mRmSw=,tag:6x2XELOlJ9JWeOuVBBHNpg==,type:str]
+sops:
+    kms: []
+    gcp_kms: []
+    azure_kv: []
+    hc_vault: []
+    age:
+        - recipient: age1eg6sxflw6l44fp20sl068sampwd95fm0mnh4ssegrhtktgm50ptqcuspyn
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDUDFDSnFEM1NZK0lSMnUx
+            YkI3MWlpY1VjYXdaKzBCOFc5NWp5NXdBbkdVCmI0Z2tuSXBOSFN2NXJTUWxKQXNu
+            SGhhTTYzUDFSOFFXdU5aVHlmYnJNa1UKLS0tIGlrUTErQkVRdFBYYWxUcklHaUVY
+            UkQ3eVlDR2lMOEZGNXRjU3J3RXpwZkUKNJL/dvPsGu0AJiXryR8uSM0jE//cQi0b
+            AeYUjXLRcouUq5zWL6AsKDOUAo9t//AAFZqv3DGUboR8UzdymYRYMw==
+            -----END AGE ENCRYPTED FILE-----
+        - recipient: age10h6pg5qdpc4t0rpmksfv788a57f04n83zgqaezkjjn65nkhv547s0vxfdn
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB0Wk9ZYkExU3k0ZWpOZEhF
+            TkswRGxTd1hpcGJaa1pmcUJFQnZMcGV6L0ZFCnp3K05YdU56WUl1TktVSFNQWWZH
+            bG5COXVuSjFCUWpEYXQweVFPaDAzcTQKLS0tIFgralQ1TWUzajVOM3RyS3RDcnRx
+            WHZSeVJIaGRldmhmcWZvT3YzL3hPbFEKVUtCU1l/RhFOlwdjE0ejW/Ym+cMVNxIW
+            AdvVcWoilMGTsDJIIlLu7fPbhmGotPvqGjxMC2yEpEgJUt/rsz2vPA==
+            -----END AGE ENCRYPTED FILE-----
+    lastmodified: "2025-02-14T03:37:09Z"
+    mac: ENC[AES256_GCM,data:KViPAUWWpE5UTZOp55f3QeXhHkXBvyl9Np/Tlj5bY7t3qt1U370OLq1yL87WWbvRWa/K/ZYN2gjN16dgfp5o834VniSJM6dnw+vC76QNaXjCfE2HKozRx6NlHFMflzzV8TXvqzJvuPa43E8DRaBctY2a7aIbJ4DJki1dfmrrO3Y=,iv:vPeMWOWQNZX3t4BoYzpuI74tZJ3rCXwbxmqcRAW5ZXY=,tag:i4ZjIXg0JOj2U2jMwurChw==,type:str]
+    pgp: []
+    unencrypted_suffix: _unencrypted
+    version: 3.9.4
Author	SHA1	Message	Date
cy	d23e73a4ba	oauth for zipline	2025-02-13 22:40:30 -05:00
cy	0c9823a5aa	fmt	2025-02-13 21:50:19 -05:00
cy	9877335f4b	add zipline	2025-02-13 21:49:52 -05:00
cy	0992f2f308	enable appimage, overlay anki	2025-02-13 21:49:45 -05:00