calculate the key (install calckey)

modules/base-stuff.nix

@@ -13,11 +13,15 @@
   boot.kernelParams = [ "console=tty" ];
   boot.initrd.kernelModules = [ "virtio_gpu" ];
 
-  users.users.april = {
+  #users.users.april = {
-    isNormalUser = true;
+    #isNormalUser = true;
-    packages = with pkgs; [ podman ];
+    #packages = with pkgs; [ git ];
-    createHome = true;
+    #createHome = true;
-  };
+    #extraGroups = [ "docker" ];
+    #openssh.authorizedKeys.keys = [
+      #"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMxsX+lEWkHZt9NOvn9yYFP0Z++186LY4b97C4mwj/f2 waterdev@galaxycrow.de"
+    #];
+  #};
 
   services.openssh = {
     enable = true;

modules/containers/calckey.nix

@@ -0,0 +1,50 @@
+{ pkgs, inputs, ... }: 
+{
+  imports = [ inputs.arion.nixosModules.arion ];
+  virtualisation.docker.enable = true;
+  virtualisation.arion = {
+    backend = "docker";
+    projects.calckey.settings = {
+      networks.calcnet.name = "calcnet";
+      services = {
+        "web".service = {
+          image = "docker.io/waterdev/calckey_arm";
+          container_name = "calckey_web";
+          restart = "unless-stopped";
+          depends_on = [ "db" "redis" ];
+          ports = [ "3000:3000" ];
+          networks = [ "calcnet" ];
+          environment = { 
+            "NODE_ENV" = "production"; 
+          };
+          volumes = [
+            "/calckey/files:/calckey/files"
+            "/calckey/config:/calckey/.config:ro"
+          ];
+        };
+        "redis".service = {
+          image = "docker.io/redis:7.0-alpine";
+          container_name = "calckey_redis";
+          restart = "unless-stopped";
+          networks = [ "calcnet" ];
+          volumes = [ "/calckey/redis:/data" ];
+        };
+        "db".service = {
+          image = "docker.io/postgres:12.2-alpine";
+          container_name = "calckey_db";
+          restart = "unless-stopped";
+          networks = [ "calcnet" ];
+          environment = {
+            POSTGRES_PASSWORD = "calckey";
+            POSTGRES_USER = "calckey";
+            POSTGRES_DB = "calckey";
+          };
+          volumes = [
+            "/calckey/db:/var/lib/postgresql/data"
+          ];
+        };
+      };
+    };
+  };
+}
+

modules/containers/default.nix

@@ -2,6 +2,7 @@
 {
   imports = [
     ./phtanumb-wiki.nix
+    ./calckey.nix
     ./penpot.nix
   ];
 }

modules/forgejo.nix

@@ -27,6 +27,9 @@
         REGISTER_MANUAL_CONFIRM = true;
         SHOW_REGISTRATION_BUTTON = false;
       };
+      actions = {
+        ENABLED = true;
+      };
     };
   };
   deployment.keys = {

modules/proxy.nix

@@ -27,6 +27,10 @@
         group = "nginx";
         keyType = "rsa4096";
       };
+      "ck.katzen.cafe" = {
+        group = "nginx";
+        keyType = "rsa4096";
+      };
     };
   };
   services.nginx = {
@@ -38,11 +42,19 @@
     recommendedProxySettings = true;
 
     virtualHosts = {
-      "wiki.phtanum-b.katzen.cafe" = {
+      "ck.katzen.cafe" = {
         forceSSL = true;
         enableACME = true;
         locations."/" = {
-          proxyPass = "http://127.0.0.2:8081";
+          proxyPass = "http://127.0.0.1:3000";
+          proxyWebsockets = true;
+          extraConfig = ''
+              client_max_body_size 8M;
+
+              proxy_set_header X-Real-IP $remote_addr;
+              proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+              proxy_set_header X-Forwarded-Proto https;
+            '';
         };
       };
       "forge.katzen.cafe" = {
@@ -75,10 +87,17 @@
         forceSSL = true;
         enableACME = true;
         locations."/" = {
-          proxyPass = "http://localhost:9001";
+          proxyPass = "http://127.0.0.1:9001";
           proxyWebsockets = true;
         };
       };
+      "wiki.phtanum-b.katzen.cafe" = {
+        forceSSL = true;
+        enableACME = true;
+        locations."/" = {
+          proxyPass = "http://127.0.0.2:8081";
+        };
+      };
     };
   };
 }