76 lines
1.8 KiB
Nix
76 lines
1.8 KiB
Nix
# Module: services/stirling-pdf
|
|
# Enables a stirling-pdf server
|
|
{
|
|
config,
|
|
lib,
|
|
pkgs,
|
|
pkgsUnstable,
|
|
inputs,
|
|
...
|
|
}:
|
|
|
|
with lib;
|
|
|
|
let
|
|
cfg = config.stirling-pdf;
|
|
stirling-pdfPort = "5233";
|
|
stirling-pdfAddress = "127.0.0.1";
|
|
in
|
|
{
|
|
options.stirling-pdf = {
|
|
enable = mkEnableOption "Enables stirling-pdf module";
|
|
|
|
environmentFiles = mkOption {
|
|
type = types.listOf types.path;
|
|
default = null;
|
|
description = "Path of environment files containing secrets for the stirling-pdf config";
|
|
example = "../secrets/stirling-pdf.env";
|
|
};
|
|
};
|
|
|
|
config = mkIf cfg.enable {
|
|
services.stirling-pdf = {
|
|
enable = true;
|
|
package = pkgsUnstable.stirling-pdf;
|
|
environmentFiles = cfg.environmentFiles;
|
|
|
|
environment = {
|
|
SECURITY_ENABLELOGIN = "true";
|
|
SECURITY_LOGINMETHOD = "oauth2";
|
|
SECURITY_OAUTH2_ENABLED = "true";
|
|
SECURITY_OAUTH2_AUTOCREATEUSER = "true";
|
|
SECURITY_OAUTH2_BLOCKREGISTRATION = "false";
|
|
SECURITY_OAUTH2_SCOPES = "openid, profile, email";
|
|
SECURITY_OAUTH2_USEASUSERNAME = "preferred_username";
|
|
SECURITY_OAUTH2_PROVIDER = "Authentik";
|
|
|
|
# Required for auth
|
|
DISABLE_ADDITIONAL_FEATURES = "false";
|
|
|
|
SYSTEM_ENABLEANALYTICS = "false";
|
|
|
|
# Server config
|
|
SERVER_PORT = stirling-pdfPort;
|
|
SERVER_ADDRESS = stirling-pdfAddress;
|
|
|
|
# Logging config
|
|
LOGGING_LEVEL_ROOT = "info";
|
|
};
|
|
};
|
|
|
|
services.traefik.dynamicConfigOptions = {
|
|
http.routers.stirling-pdf = {
|
|
entrypoints = [ "web" ];
|
|
rule = "Host(`pdf.its-et.me`)";
|
|
tls = false;
|
|
service = "stirling-pdf";
|
|
};
|
|
http.services.stirling-pdf.loadbalancer.servers = [
|
|
{
|
|
url = "http://127.0.0.1:${toString stirling-pdfPort}";
|
|
}
|
|
];
|
|
};
|
|
};
|
|
}
|