nixos-config/machines/orbi/service-photoprism.nix
2024-09-30 20:48:04 +09:00

95 lines
2.8 KiB
Nix

{
config,
pkgs,
lib,
components,
inputs,
...
}:
let
mySQLPackage = pkgs.mysql;
photoprismPort = 2342;
mysqlPort = 3336;
in
{
networking.firewall.interfaces.wg0.allowedTCPPorts = [ photoprismPort ];
# networking.firewall.interfaces.wg0.allowedUDPPorts = [ photoprismPort ];
healthchecks.closed.public.ports.photoprism = [ photoprismPort ];
healthchecks.http.photoprism = {
url = "http://10.100.0.1:2342/library/login";
expectedContent = "AI-Powered Photos App";
};
containers.photoprism = {
privateNetwork = false;
autoStart = true;
config =
{ config, lib, ... }:
{
nixpkgs.pkgs = pkgs;
imports = [
"${components}/monitor/container.nix"
inputs.nix-topology.nixosModules.default
];
system.stateVersion = "23.11";
services.logrotate.checkConfig = false; # because uid 3000 does not exist in here
environment.systemPackages = [
config.services.photoprism.package
];
# Photoprism
# ----------
services.photoprism = {
enable = true;
port = photoprismPort;
package = pkgs.legacy_2405.photoprism;
originalsPath = "/var/lib/private/photoprism/originals";
address = "0.0.0.0";
settings = {
PHOTOPRISM_ADMIN_USER = "admin";
PHOTOPRISM_ADMIN_PASSWORD = "..."; # change me after initialisation
PHOTOPRISM_DEFAULT_LOCALE = "en";
PHOTOPRISM_DATABASE_DRIVER = "mysql";
PHOTOPRISM_DATABASE_NAME = "photoprism";
PHOTOPRISM_DATABASE_SERVER = "/run/mysqld/mysqld.sock";
PHOTOPRISM_DATABASE_USER = "photoprism";
PHOTOPRISM_SITE_URL = "http://photoprism.orbi.private:${toString photoprismPort}";
PHOTOPRISM_SITE_TITLE = "PhotoPrism";
PHOTOPRISM_UPLOAD_NSFW = "true";
#PHOTOPRISM_THUMB_UNCACHED = "false"; # https://docs.photoprism.app/user-guide/settings/advanced/#static-and-dynamic-size-limits < prevents thumbs from beeing wrong orientation, but takes time for photo import.
};
};
# MySQL Database
# --------------
services.mysql = {
enable = true;
package = mySQLPackage;
settings.mysqld.port = mysqlPort;
ensureDatabases = [ "photoprism" ];
ensureUsers = [
{
name = "photoprism";
ensurePermissions = {
"photoprism.*" = "ALL PRIVILEGES";
};
}
];
};
# Backup Database
# ---------------
services.mysqlBackup = {
enable = true;
databases = config.services.mysql.ensureDatabases;
singleTransaction = true;
};
};
};
}