JakeHillion/nixos
1
0
Fork 0
Code Issues 10 Pull Requests 6 Actions Packages Projects Releases Wiki Activity

inventree: deploy on boron
All checks were successful
flake / flake (push) Successful in 1m19s
Details

Browse Source
This commit is contained in:
Jake Hillion 2024-08-11 12:57:33 +01:00
parent 9c419376c5
commit 11a0589257
6 changed files with 157 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
modules/chia.nix
View File

@ -34,9 +34,7 @@ in
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
environment.systemPackages = [ ctl ]; environment.systemPackages = [ ctl ];
users.groups.chia = { users.groups.chia.gid = config.ids.gids.chia;
gid = config.ids.gids.chia;
};
users.users.chia = { users.users.chia = {
home = cfg.path; home = cfg.path;
createHome = true; createHome = true;

2
modules/ids.nix
View File

@ -9,6 +9,7 @@
gitea = 186; gitea = 186;
node-exporter = 188; node-exporter = 188;
step-ca = 198; step-ca = 198;
inventree = 199;
## Consistent People ## Consistent People
jake = 1000; jake = 1000;
@ -21,6 +22,7 @@
gitea = 186; gitea = 186;
node-exporter = 188; node-exporter = 188;
step-ca = 198; step-ca = 198;
inventree = 199;
## Consistent Groups ## Consistent Groups
mediaaccess = 1200; mediaaccess = 1200;

1
modules/locations.nix
View File

@ -23,6 +23,7 @@ in
downloads = "tywin.storage.ts.hillion.co.uk"; downloads = "tywin.storage.ts.hillion.co.uk";
gitea = "boron.cx.ts.hillion.co.uk"; gitea = "boron.cx.ts.hillion.co.uk";
homeassistant = "microserver.home.ts.hillion.co.uk"; homeassistant = "microserver.home.ts.hillion.co.uk";
inventree = "boron.cx.ts.hillion.co.uk";
mastodon = ""; mastodon = "";
matrix = "boron.cx.ts.hillion.co.uk"; matrix = "boron.cx.ts.hillion.co.uk";
prometheus = "boron.cx.ts.hillion.co.uk"; prometheus = "boron.cx.ts.hillion.co.uk";

3
modules/services/authoritative_dns.nix
View File

@ -35,12 +35,13 @@ in
ca 21600 CNAME sodium.pop.ts.hillion.co.uk. ca 21600 CNAME sodium.pop.ts.hillion.co.uk.
deluge.downloads 21600 CNAME tywin.storage.ts.hillion.co.uk. deluge.downloads 21600 CNAME tywin.storage.ts.hillion.co.uk.
graphs.router.home 21600 CNAME router.home.ts.hillion.co.uk. graphs.router.home 21600 CNAME router.home.ts.hillion.co.uk.
inventree 21600 CNAME boron.cx.ts.hillion.co.uk.
prometheus 21600 CNAME ${config.custom.locations.locations.services.prometheus}.
prowlarr.downloads 21600 CNAME tywin.storage.ts.hillion.co.uk. prowlarr.downloads 21600 CNAME tywin.storage.ts.hillion.co.uk.
radarr.downloads 21600 CNAME tywin.storage.ts.hillion.co.uk. radarr.downloads 21600 CNAME tywin.storage.ts.hillion.co.uk.
restic.tywin.storage 21600 CNAME tywin.storage.ts.hillion.co.uk. restic.tywin.storage 21600 CNAME tywin.storage.ts.hillion.co.uk.
sonarr.downloads 21600 CNAME tywin.storage.ts.hillion.co.uk. sonarr.downloads 21600 CNAME tywin.storage.ts.hillion.co.uk.
zigbee2mqtt.home 21600 CNAME router.home.ts.hillion.co.uk. zigbee2mqtt.home 21600 CNAME router.home.ts.hillion.co.uk.
prometheus 21600 CNAME ${config.custom.locations.locations.services.prometheus}.
'' + (makeRecords "A" config.custom.dns.authoritative.ipv4.uk.co.hillion.ts) + "\n\n" + (makeRecords "AAAA" config.custom.dns.authoritative.ipv6.uk.co.hillion.ts); '' + (makeRecords "A" config.custom.dns.authoritative.ipv4.uk.co.hillion.ts) + "\n\n" + (makeRecords "AAAA" config.custom.dns.authoritative.ipv6.uk.co.hillion.ts);
}; };

1
modules/services/default.nix
View File

@ -6,6 +6,7 @@
./downloads.nix ./downloads.nix
./gitea/default.nix ./gitea/default.nix
./homeassistant.nix ./homeassistant.nix
./inventree.nix
./mastodon/default.nix ./mastodon/default.nix
./matrix.nix ./matrix.nix
./tang.nix ./tang.nix

150
modules/services/inventree.nix Normal file
View File

@ -0,0 +1,150 @@
{ config, lib, pkgs, ... }:
let
cfg = config.custom.services.inventree;
version = "0.15.8";
staticFiles = pkgs.fetchzip {
url = "https://github.com/inventree/InvenTree/releases/download/${version}/frontend-build.zip";
stripRoot = false;
hash = "sha256-wM0/06eLAY6faCZiHslPnQi+WOlOo3AuvGqV3rcNbso=";
};
in
{
options.custom.services.inventree = {
enable = lib.mkEnableOption "inventree";
path = lib.mkOption {
type = lib.types.str;
default = "/var/lib/inventree";
};
domain = lib.mkOption {
type = lib.types.str;
default = "inventree.ts.hillion.co.uk";
};
hostPort = lib.mkOption {
type = lib.types.port;
default = 4864;
};
};
config = lib.mkIf cfg.enable {
users.groups.inventree.gid = config.ids.gids.inventree;
users.users.inventree = {
home = cfg.path;
createHome = true;
homeMode = "0750";
isSystemUser = true;
group = "inventree";
uid = config.ids.uids.inventree;
};
users.users.caddy.extraGroups = [ "inventree" ];
services.postgresql = {
enable = true;
enableTCPIP = true;
ensureDatabases = [ "inventree" ];
ensureUsers = [{
name = "inventree";
ensureDBOwnership = true;
ensureClauses.login = true;
}];
authentication = "hostnossl inventree inventree 0.0.0.0 0.0.0.0 scram-sha-256";
};
systemd.tmpfiles.rules = [ "C ${cfg.path}/static 0755 inventree inventree - ${staticFiles}" ];
services.caddy = {
enable = true;
virtualHosts.${cfg.domain}.extraConfig = ''
bind ${config.custom.dns.tailscale.ipv4} ${config.custom.dns.tailscale.ipv6}
tls {
ca https://ca.ts.hillion.co.uk:8443/acme/acme/directory
}
encode zstd gzip
request_body {
max_size 100MB
}
handle_path /static/* {
header Allow GET,HEAD,OPTIONS
header Access-Control-Allow-Origin *
header Access-Control-Allow-Methods GET,HEAD,OPTIONS
header Access-Control-Allow-Headers Authorization,Content-Type,User-Agent
@cors_preflight{static} method OPTIONS
handle @cors_preflight{static} {
respond "" 204
}
root * ${cfg.path}/static
file_server
}
handle_path /media/* {
header Allow GET,HEAD,OPTIONS
header Access-Control-Allow-Origin *
header Access-Control-Allow-Methods GET,HEAD,OPTIONS
header Access-Control-Allow-Headers Authorization,Content-Type,User-Agent
@cors_preflight{media} method OPTIONS
handle @cors_preflight{media} {
respond "" 204
}
root * ${cfg.path}/media
file_server
header Content-Disposition attachment
forward_auth http://localhost:${toString cfg.hostPort} {
uri /auth/
}
}
reverse_proxy http://localhost:${toString cfg.hostPort}
'';
};
virtualisation.oci-containers.containers.inventree = {
image = "inventree/inventree:${version}";
ports = [ "${toString cfg.hostPort}:8000" ];
extraOptions = [
"--uidmap=0:${toString config.users.users.inventree.uid}:1"
"--gidmap=0:${toString config.users.groups.inventree.gid}:1"
];
volumes = [ "${cfg.path}:/home/inventree/data" ];
environment = {
INVENTREE_SITE_URL = "https://${cfg.domain}";
INVENTREE_DEBUG = "False";
INVENTREE_LOG_LEVEL = "WARNING";
# Database setup
INVENTREE_DB_ENGINE = "postgresql";
INVENTREE_DB_NAME = "inventree";
INVENTREE_DB_HOST = "10.88.0.1";
INVENTREE_DB_PORT = "5432";
INVENTREE_DB_USER = "inventree";
INVENTREE_DB_PASSWORD = "inventree";
# Web server
INVENTREE_GUNICORN_TIMEOUT = "90";
# Migrations
INVENTREE_AUTO_UPDATE = "True";
};
};
};
}