47 lines
1.1 KiB
Nix
47 lines
1.1 KiB
Nix
{
|
|
pkgs,
|
|
inputs,
|
|
config,
|
|
lib,
|
|
...
|
|
}:
|
|
with lib; let
|
|
cfg = config.my.services.mealie;
|
|
in {
|
|
disabledModules = ["services/web-apps/mealie.nix"];
|
|
imports = ["${inputs.unstable}/nixos/modules/services/web-apps/mealie.nix"];
|
|
|
|
options.my.services.mealie = {
|
|
enable = mkEnableOption "Mealie";
|
|
port = mkOption {
|
|
type = types.port;
|
|
default = 3123;
|
|
example = 8080;
|
|
description = "HTTP port for the Mealie service.";
|
|
};
|
|
};
|
|
|
|
config = mkIf cfg.enable {
|
|
services.mealie = {
|
|
enable = true;
|
|
inherit (cfg) port;
|
|
package = pkgs.unstable.mealie;
|
|
settings = {
|
|
BASE_URL = "https://recipes.thomasfmly.org";
|
|
|
|
# OIDC
|
|
OIDC_AUTH_ENABLED = true;
|
|
OIDC_CONFIGURATION_URL = "https://auth.thomasfmly.org/realms/gringotts/.well-known/openid-configuration";
|
|
OIDC_CLIENT_ID = "mealie";
|
|
OIDC_CLIENT_SECRET = "cBh876vWKoMgJSWLVJkVv6kPvUoNkvxD";
|
|
OIDC_GROUPS_CLAIM = "roles";
|
|
OIDC_ADMIN_GROUP = "admin";
|
|
OIDC_AUTO_REDIRECT = true;
|
|
OIDC_PROVIDER_NAME = "Keycloak";
|
|
};
|
|
};
|
|
|
|
networking.firewall.allowedTCPPorts = [cfg.port];
|
|
};
|
|
}
|