m3tam3re/nixos-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

n8n@m3-atlas

Browse Source
This commit is contained in:
m3tam3re 2025-02-23 19:07:14 +01:00
parent 2ffd84eb4e
commit 262902c018
9 changed files with 39 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
hosts/m3-ares/services/default.nix
View File

@ -5,8 +5,9 @@
./postgres.nix ./postgres.nix
./restic.nix ./restic.nix
./sound.nix ./sound.nix
./tailscale.nix
./udev.nix ./udev.nix
#./wireguard.nix ./wireguard.nix
]; ];
services = { services = {
hypridle.enable = true; hypridle.enable = true;

48
hosts/m3-ares/services/tailscale.nix
View File

@ -8,33 +8,33 @@
useRoutingFeatures = "client"; useRoutingFeatures = "client";
}; };
systemd.services.tailscale-autoconnect = { # systemd.services.tailscale-autoconnect = {
description = "Automatic connection to Tailscale"; # description = "Automatic connection to Tailscale";
# make sure tailscale is running before trying to connect to tailscale # # make sure tailscale is running before trying to connect to tailscale
after = ["network-pre.target" "tailscale.service"]; # after = ["network-pre.target" "tailscale.service"];
wants = ["network-pre.target" "tailscale.service"]; # wants = ["network-pre.target" "tailscale.service"];
wantedBy = ["multi-user.target"]; # wantedBy = ["multi-user.target"];
# set this service as a oneshot job # # set this service as a oneshot job
serviceConfig = { # serviceConfig = {
Type = "oneshot"; # Type = "oneshot";
EnvironmentFile = "${config.age.secrets.tailscale-key.path}"; # EnvironmentFile = "${config.age.secrets.tailscale-key.path}";
}; # };
# have the job run this shell script # # have the job run this shell script
script = with pkgs; '' # script = with pkgs; ''
# wait for tailscaled to settle # # wait for tailscaled to settle
sleep 2 # sleep 2
# check if we are already authenticated to tailscale # # check if we are already authenticated to tailscale
status="$(${tailscale}/bin/tailscale status -json | ${jq}/bin/jq -r .BackendState)" # status="$(${tailscale}/bin/tailscale status -json | ${jq}/bin/jq -r .BackendState)"
if [ $status = "Running" ]; then # if so, then do nothing # if [ $status = "Running" ]; then # if so, then do nothing
exit 0 # exit 0
fi # fi
# otherwise authenticate with tailscale # # otherwise authenticate with tailscale
${tailscale}/bin/tailscale up --exit-node 100.88.96.77 --authkey $TAILSCALE_KEY # ${tailscale}/bin/tailscale up --exit-node 100.88.96.77 --authkey $TAILSCALE_KEY
''; # '';
}; # };
} }

3
hosts/m3-atlas/secrets.nix
View File

@ -13,6 +13,9 @@
minio-root-cred = { minio-root-cred = {
file = ../../secrets/minio-root-cred.age; file = ../../secrets/minio-root-cred.age;
}; };
n8n-env = {
file = ../../secrets/n8n-env.age;
};
restreamer-env = { restreamer-env = {
file = ../../secrets/restreamer-env.age; file = ../../secrets/restreamer-env.age;
}; };

2
hosts/m3-atlas/services/containers/baserow.nix
View File

@ -1,6 +1,6 @@
{config, ...}: { {config, ...}: {
virtualisation.oci-containers.containers."baserow" = { virtualisation.oci-containers.containers."baserow" = {
image = "docker.io/baserow/baserow:1.30.1"; image = "docker.io/baserow/baserow:1.31.1";
environmentFiles = [config.age.secrets.baserow-env.path]; environmentFiles = [config.age.secrets.baserow-env.path];
ports = ["127.0.0.1:3001:80"]; ports = ["127.0.0.1:3001:80"];
volumes = ["baserow_data:/baserow/data"]; volumes = ["baserow_data:/baserow/data"];

1
hosts/m3-atlas/services/containers/default.nix
View File

@ -3,6 +3,7 @@
./baserow.nix ./baserow.nix
./ghost.nix ./ghost.nix
./littlelink.nix ./littlelink.nix
./n8n.nix
./restreamer.nix ./restreamer.nix
]; ];
system.activationScripts.createPodmanNetworkWeb = lib.mkAfter '' system.activationScripts.createPodmanNetworkWeb = lib.mkAfter ''

18
hosts/m3-atlas/services/n8n.nix → hosts/m3-atlas/services/containers/n8n.nix
View File

@ -1,14 +1,10 @@
{ {config, ...}: {
services.n8n = { virtualisation.oci-containers.containers."n8n" = {
enable = true; image = "docker.n8n.io/n8nio/n8n";
webhookUrl = "https://wf.m3tam3re.com"; environmentFiles = [config.age.secrets.n8n-env.path];
}; ports = ["127.0.0.1:5678:5678"];
volumes = ["n8n_data:/home/node/.n8n"];
systemd.services.n8n = { extraOptions = ["--add-host=postgres:10.89.0.1" "--ip=10.89.0.14" "--network=web"];
environment = {
N8N_EDITOR_BASE_URL = "https://wf.m3tam3re.com";
N8N_ENFORCE_SETTINGS_FILE_PERMISSIONS = "false";
};
}; };
# Traefik configuration specific to n8n # Traefik configuration specific to n8n

1
hosts/m3-atlas/services/default.nix
View File

@ -5,7 +5,6 @@
./headscale.nix ./headscale.nix
./minio.nix ./minio.nix
./mysql.nix ./mysql.nix
./n8n.nix
./postgres.nix ./postgres.nix
./searx.nix ./searx.nix
./tailscale.nix ./tailscale.nix

1
secrets.nix
View File

@ -23,6 +23,7 @@ in {
"secrets/littlelink-m3tam3re.age".publicKeys = systems ++ users; "secrets/littlelink-m3tam3re.age".publicKeys = systems ++ users;
"secrets/m3tam3re-secrets.age".publicKeys = systems ++ users; "secrets/m3tam3re-secrets.age".publicKeys = systems ++ users;
"secrets/minio-root-cred.age".publicKeys = systems ++ users; "secrets/minio-root-cred.age".publicKeys = systems ++ users;
"secrets/n8n-env.age".publicKeys = systems ++ users;
"secrets/restreamer-env.age".publicKeys = systems ++ users; "secrets/restreamer-env.age".publicKeys = systems ++ users;
"secrets/searx.age".publicKeys = systems ++ users; "secrets/searx.age".publicKeys = systems ++ users;
"secrets/tailscale-key.age".publicKeys = systems ++ users; "secrets/tailscale-key.age".publicKeys = systems ++ users;

BIN
secrets/n8n-env.age Normal file
View File

Binary file not shown.