30 lines
841 B
Nix
30 lines
841 B
Nix
{ config, ... }:
|
|
let
|
|
secretFilePath = ../secrets.yaml;
|
|
in
|
|
{
|
|
sops.secrets."immich/database-password".sopsFile = secretFilePath;
|
|
|
|
# Placeholders are expanded only inside template `content` (not in arbitrary Nix strings).
|
|
sops.templates."immich-db.env" = {
|
|
content = ''
|
|
POSTGRES_PASSWORD=${config.sops.placeholder."immich/database-password"}
|
|
DB_PASSWORD=${config.sops.placeholder."immich/database-password"}
|
|
'';
|
|
};
|
|
|
|
chiasson.system.services.immich = {
|
|
enable = true;
|
|
host = "0.0.0.0";
|
|
port = 2283;
|
|
timezone = "America/Moncton";
|
|
uploadLocation = "/var/lib/immich/library";
|
|
environmentFiles = [ config.sops.templates."immich-db.env".path ];
|
|
postgres = {
|
|
user = "postgres";
|
|
#password = ""; # Defined in sops.templates."immich-db.env"
|
|
database = "immich";
|
|
};
|
|
};
|
|
}
|