n8n@m3-atlas
This commit is contained in:
parent
2ffd84eb4e
commit
262902c018
@ -5,8 +5,9 @@
|
|||||||
./postgres.nix
|
./postgres.nix
|
||||||
./restic.nix
|
./restic.nix
|
||||||
./sound.nix
|
./sound.nix
|
||||||
|
./tailscale.nix
|
||||||
./udev.nix
|
./udev.nix
|
||||||
#./wireguard.nix
|
./wireguard.nix
|
||||||
];
|
];
|
||||||
services = {
|
services = {
|
||||||
hypridle.enable = true;
|
hypridle.enable = true;
|
||||||
|
@ -8,33 +8,33 @@
|
|||||||
useRoutingFeatures = "client";
|
useRoutingFeatures = "client";
|
||||||
};
|
};
|
||||||
|
|
||||||
systemd.services.tailscale-autoconnect = {
|
# systemd.services.tailscale-autoconnect = {
|
||||||
description = "Automatic connection to Tailscale";
|
# description = "Automatic connection to Tailscale";
|
||||||
|
|
||||||
# make sure tailscale is running before trying to connect to tailscale
|
# # make sure tailscale is running before trying to connect to tailscale
|
||||||
after = ["network-pre.target" "tailscale.service"];
|
# after = ["network-pre.target" "tailscale.service"];
|
||||||
wants = ["network-pre.target" "tailscale.service"];
|
# wants = ["network-pre.target" "tailscale.service"];
|
||||||
wantedBy = ["multi-user.target"];
|
# wantedBy = ["multi-user.target"];
|
||||||
|
|
||||||
# set this service as a oneshot job
|
# # set this service as a oneshot job
|
||||||
serviceConfig = {
|
# serviceConfig = {
|
||||||
Type = "oneshot";
|
# Type = "oneshot";
|
||||||
EnvironmentFile = "${config.age.secrets.tailscale-key.path}";
|
# EnvironmentFile = "${config.age.secrets.tailscale-key.path}";
|
||||||
};
|
# };
|
||||||
|
|
||||||
# have the job run this shell script
|
# # have the job run this shell script
|
||||||
script = with pkgs; ''
|
# script = with pkgs; ''
|
||||||
# wait for tailscaled to settle
|
# # wait for tailscaled to settle
|
||||||
sleep 2
|
# sleep 2
|
||||||
|
|
||||||
# check if we are already authenticated to tailscale
|
# # check if we are already authenticated to tailscale
|
||||||
status="$(${tailscale}/bin/tailscale status -json | ${jq}/bin/jq -r .BackendState)"
|
# status="$(${tailscale}/bin/tailscale status -json | ${jq}/bin/jq -r .BackendState)"
|
||||||
if [ $status = "Running" ]; then # if so, then do nothing
|
# if [ $status = "Running" ]; then # if so, then do nothing
|
||||||
exit 0
|
# exit 0
|
||||||
fi
|
# fi
|
||||||
|
|
||||||
# otherwise authenticate with tailscale
|
# # otherwise authenticate with tailscale
|
||||||
${tailscale}/bin/tailscale up --exit-node 100.88.96.77 --authkey $TAILSCALE_KEY
|
# ${tailscale}/bin/tailscale up --exit-node 100.88.96.77 --authkey $TAILSCALE_KEY
|
||||||
'';
|
# '';
|
||||||
};
|
# };
|
||||||
}
|
}
|
||||||
|
@ -13,6 +13,9 @@
|
|||||||
minio-root-cred = {
|
minio-root-cred = {
|
||||||
file = ../../secrets/minio-root-cred.age;
|
file = ../../secrets/minio-root-cred.age;
|
||||||
};
|
};
|
||||||
|
n8n-env = {
|
||||||
|
file = ../../secrets/n8n-env.age;
|
||||||
|
};
|
||||||
restreamer-env = {
|
restreamer-env = {
|
||||||
file = ../../secrets/restreamer-env.age;
|
file = ../../secrets/restreamer-env.age;
|
||||||
};
|
};
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
{config, ...}: {
|
{config, ...}: {
|
||||||
virtualisation.oci-containers.containers."baserow" = {
|
virtualisation.oci-containers.containers."baserow" = {
|
||||||
image = "docker.io/baserow/baserow:1.30.1";
|
image = "docker.io/baserow/baserow:1.31.1";
|
||||||
environmentFiles = [config.age.secrets.baserow-env.path];
|
environmentFiles = [config.age.secrets.baserow-env.path];
|
||||||
ports = ["127.0.0.1:3001:80"];
|
ports = ["127.0.0.1:3001:80"];
|
||||||
volumes = ["baserow_data:/baserow/data"];
|
volumes = ["baserow_data:/baserow/data"];
|
||||||
|
@ -3,6 +3,7 @@
|
|||||||
./baserow.nix
|
./baserow.nix
|
||||||
./ghost.nix
|
./ghost.nix
|
||||||
./littlelink.nix
|
./littlelink.nix
|
||||||
|
./n8n.nix
|
||||||
./restreamer.nix
|
./restreamer.nix
|
||||||
];
|
];
|
||||||
system.activationScripts.createPodmanNetworkWeb = lib.mkAfter ''
|
system.activationScripts.createPodmanNetworkWeb = lib.mkAfter ''
|
||||||
|
@ -1,14 +1,10 @@
|
|||||||
{
|
{config, ...}: {
|
||||||
services.n8n = {
|
virtualisation.oci-containers.containers."n8n" = {
|
||||||
enable = true;
|
image = "docker.n8n.io/n8nio/n8n";
|
||||||
webhookUrl = "https://wf.m3tam3re.com";
|
environmentFiles = [config.age.secrets.n8n-env.path];
|
||||||
};
|
ports = ["127.0.0.1:5678:5678"];
|
||||||
|
volumes = ["n8n_data:/home/node/.n8n"];
|
||||||
systemd.services.n8n = {
|
extraOptions = ["--add-host=postgres:10.89.0.1" "--ip=10.89.0.14" "--network=web"];
|
||||||
environment = {
|
|
||||||
N8N_EDITOR_BASE_URL = "https://wf.m3tam3re.com";
|
|
||||||
N8N_ENFORCE_SETTINGS_FILE_PERMISSIONS = "false";
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
|
||||||
# Traefik configuration specific to n8n
|
# Traefik configuration specific to n8n
|
@ -5,7 +5,6 @@
|
|||||||
./headscale.nix
|
./headscale.nix
|
||||||
./minio.nix
|
./minio.nix
|
||||||
./mysql.nix
|
./mysql.nix
|
||||||
./n8n.nix
|
|
||||||
./postgres.nix
|
./postgres.nix
|
||||||
./searx.nix
|
./searx.nix
|
||||||
./tailscale.nix
|
./tailscale.nix
|
||||||
|
@ -23,6 +23,7 @@ in {
|
|||||||
"secrets/littlelink-m3tam3re.age".publicKeys = systems ++ users;
|
"secrets/littlelink-m3tam3re.age".publicKeys = systems ++ users;
|
||||||
"secrets/m3tam3re-secrets.age".publicKeys = systems ++ users;
|
"secrets/m3tam3re-secrets.age".publicKeys = systems ++ users;
|
||||||
"secrets/minio-root-cred.age".publicKeys = systems ++ users;
|
"secrets/minio-root-cred.age".publicKeys = systems ++ users;
|
||||||
|
"secrets/n8n-env.age".publicKeys = systems ++ users;
|
||||||
"secrets/restreamer-env.age".publicKeys = systems ++ users;
|
"secrets/restreamer-env.age".publicKeys = systems ++ users;
|
||||||
"secrets/searx.age".publicKeys = systems ++ users;
|
"secrets/searx.age".publicKeys = systems ++ users;
|
||||||
"secrets/tailscale-key.age".publicKeys = systems ++ users;
|
"secrets/tailscale-key.age".publicKeys = systems ++ users;
|
||||||
|
BIN
secrets/n8n-env.age
Normal file
BIN
secrets/n8n-env.age
Normal file
Binary file not shown.
Loading…
x
Reference in New Issue
Block a user