feat: add VW on fly (#116)
This commit is contained in:
parent
2f1fbd6193
commit
f036f6b386
4 changed files with 85 additions and 2 deletions
2
.github/renovate.json5
vendored
2
.github/renovate.json5
vendored
|
@ -22,7 +22,7 @@
|
||||||
|
|
||||||
"regexManagers": [
|
"regexManagers": [
|
||||||
{
|
{
|
||||||
fileMatch: ["^.*\\.nix$"],
|
fileMatch: ["^.*\\.nix$", "^.*\\.toml$"],
|
||||||
matchStrings: [
|
matchStrings: [
|
||||||
'image *= *"(?<depName>.*?):(?<currentValue>.*?)(@(?<currentDigest>sha256:[a-f0-9]+))?";',
|
'image *= *"(?<depName>.*?):(?<currentValue>.*?)(@(?<currentDigest>sha256:[a-f0-9]+))?";',
|
||||||
],
|
],
|
||||||
|
|
|
@ -83,7 +83,7 @@ nix eval .#nixosConfigurations.rickenbacker.config.security.sudo.WheelNeedsPassw
|
||||||
nix eval .#nixosConfigurations.rickenbacker.config.mySystem.security.wheelNeedsPassword
|
nix eval .#nixosConfigurations.rickenbacker.config.mySystem.security.wheelNeedsPassword
|
||||||
```
|
```
|
||||||
|
|
||||||
And browsing whats at a certain level in options.
|
And browsing whats at a certain level in options - or just use [nix-inspect](https://github.com/bluskript/nix-inspect) TUI
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
nix eval .#nixosConfigurations.rickenbacker.config.home-manager.users.truxnell --apply builtins.attrNames --json
|
nix eval .#nixosConfigurations.rickenbacker.config.home-manager.users.truxnell --apply builtins.attrNames --json
|
||||||
|
|
30
flyio/vaultwarden/flake.nix
Normal file
30
flyio/vaultwarden/flake.nix
Normal file
|
@ -0,0 +1,30 @@
|
||||||
|
{
|
||||||
|
description = "My nixos homelab";
|
||||||
|
|
||||||
|
inputs = {
|
||||||
|
nixpkgs.url = "github:nixos/nixpkgs/nixos-23.11";
|
||||||
|
};
|
||||||
|
outputs ={
|
||||||
|
self
|
||||||
|
, nixpkgs
|
||||||
|
, sops-nix
|
||||||
|
, home-manager
|
||||||
|
, nix-vscode-extensions
|
||||||
|
, ...
|
||||||
|
} @ inputs:
|
||||||
|
|
||||||
|
let
|
||||||
|
inherit (self) outputs;
|
||||||
|
forAllSystems = nixpkgs.lib.genAttrs [
|
||||||
|
"aarch64-linux"
|
||||||
|
"x86_64-linux"
|
||||||
|
];
|
||||||
|
|
||||||
|
in
|
||||||
|
{
|
||||||
|
devShells.default = pkgs.mkShell {
|
||||||
|
packages = [
|
||||||
|
pkgs.flyctl
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
53
flyio/vaultwarden/fly.toml
Normal file
53
flyio/vaultwarden/fly.toml
Normal file
|
@ -0,0 +1,53 @@
|
||||||
|
app = "voltaicforge-vaultwarden"
|
||||||
|
primary_region = "syd"
|
||||||
|
kill_signal = "SIGINT"
|
||||||
|
kill_timeout = "5s"
|
||||||
|
|
||||||
|
[experimental]
|
||||||
|
auto_rollback = true
|
||||||
|
|
||||||
|
[build]
|
||||||
|
image = "vaultwarden/server:1.28.1@sha256:04691aaf1d8531ccb796de620841c030ecfd45613388a2e6a6a9434dc5d14d9d"
|
||||||
|
|
||||||
|
[env]
|
||||||
|
DATABASE_URL = "data/db.sqlite3"
|
||||||
|
PASSWORD_ITERATIONS = "2000000"
|
||||||
|
PRIMARY_REGION = "syd"
|
||||||
|
SIGNUPS_ALLOWED = "false"
|
||||||
|
INVITATIONS_ALLOWED = "true"
|
||||||
|
SMTP_FROM_NAME = "Vault"
|
||||||
|
SMTP_SECURITY = "off"
|
||||||
|
SMTP_SSL = "true"
|
||||||
|
TZ = "Australia/Melbourne"
|
||||||
|
WEB_VAULT_ENABLED = "true"
|
||||||
|
WEB_VAULT_FOLDER = "web-vault"
|
||||||
|
DATA_FOLDER = "data"
|
||||||
|
|
||||||
|
[[mounts]]
|
||||||
|
source = "vw_data_machines"
|
||||||
|
destination = "/data"
|
||||||
|
processes = ["app"]
|
||||||
|
|
||||||
|
[[services]]
|
||||||
|
protocol = "tcp"
|
||||||
|
internal_port = 80
|
||||||
|
processes = ["app"]
|
||||||
|
|
||||||
|
[[services.ports]]
|
||||||
|
port = 80
|
||||||
|
handlers = ["http"]
|
||||||
|
force_https = true
|
||||||
|
|
||||||
|
[[services.ports]]
|
||||||
|
port = 443
|
||||||
|
handlers = ["tls", "http"]
|
||||||
|
[services.concurrency]
|
||||||
|
type = "connections"
|
||||||
|
hard_limit = 25
|
||||||
|
soft_limit = 20
|
||||||
|
|
||||||
|
[[services.tcp_checks]]
|
||||||
|
interval = "15s"
|
||||||
|
timeout = "2s"
|
||||||
|
grace_period = "1s"
|
||||||
|
restart_limit = 0
|
Reference in a new issue