nixos-config/machines/orbi/service-photoprism.nix
2024-07-18 08:25:02 +02:00

71 lines
2 KiB
Nix

{ config, pkgs, lib, ... }:
let
mySQLPackage = pkgs.mysql;
photoprismPort = 2342;
mysqlPort = 3336;
in
{
networking.firewall.interfaces.wg0.allowedTCPPorts = [ photoprismPort ];
# networking.firewall.interfaces.wg0.allowedUDPPorts = [ photoprismPort ];
containers.photoprism = {
privateNetwork = false;
autoStart = true;
config = { config, lib, ... }: {
nixpkgs.pkgs = pkgs;
imports = [ ../../components/monitor/container.nix ];
system.stateVersion = "23.11";
services.logrotate.checkConfig = false; # because uid 3000 does not exist in here
# Photoprism
# ----------
services.photoprism = {
enable = true;
port = photoprismPort;
package = pkgs.photoprism;
originalsPath = "/var/lib/private/photoprism/originals";
address = "0.0.0.0";
settings = {
PHOTOPRISM_ADMIN_USER = "admin";
PHOTOPRISM_ADMIN_PASSWORD = "...";
PHOTOPRISM_DEFAULT_LOCALE = "en";
PHOTOPRISM_DATABASE_DRIVER = "mysql";
PHOTOPRISM_DATABASE_NAME = "photoprism";
PHOTOPRISM_DATABASE_SERVER = "/run/mysqld/mysqld.sock";
PHOTOPRISM_DATABASE_USER = "photoprism";
PHOTOPRISM_SITE_URL = "http://photoprism.orbi.private:${toString photoprismPort}";
PHOTOPRISM_SITE_TITLE = "PhotoPrism";
PHOTOPRISM_UPLOAD_NSFW = "true";
};
};
# MySQL Database
# --------------
services.mysql = {
enable = true;
package = mySQLPackage;
settings.mysqld.port = mysqlPort;
ensureDatabases = [ "photoprism" ];
ensureUsers = [{
name = "photoprism";
ensurePermissions = {
"photoprism.*" = "ALL PRIVILEGES";
};
}];
};
# Backup Database
# ---------------
services.mysqlBackup = {
enable = true;
databases = config.services.mysql.ensureDatabases;
singleTransaction = true;
};
};
};
}