mirror of
https://github.com/anotherhadi/nixy.git
synced 2026-05-20 05:12:34 +02:00
Hadi
155 lines
4.0 KiB
Nix
155 lines
4.0 KiB
Nix
{
|
|
config,
|
|
lib,
|
|
...
|
|
}: let
|
|
inherit (import ../mk-container.nix {inherit lib config;}) mkContainer;
|
|
domain = config.var.domain;
|
|
hostIp = "10.233.12.1";
|
|
|
|
# Convert 6-char hex color to "H S L" string for glance (integers, no % sign)
|
|
hexToGlanceHsl = hex: let
|
|
h = lib.toLower hex;
|
|
d = c:
|
|
if c == "a"
|
|
then 10
|
|
else if c == "b"
|
|
then 11
|
|
else if c == "c"
|
|
then 12
|
|
else if c == "d"
|
|
then 13
|
|
else if c == "e"
|
|
then 14
|
|
else if c == "f"
|
|
then 15
|
|
else lib.toInt c;
|
|
byte = pos: d (builtins.substring pos 1 h) * 16 + d (builtins.substring (pos + 1) 1 h);
|
|
ri = byte 0;
|
|
gi = byte 2;
|
|
bi = byte 4;
|
|
r = ri * 1.0 / 255.0;
|
|
g = gi * 1.0 / 255.0;
|
|
b = bi * 1.0 / 255.0;
|
|
mx =
|
|
if r >= g && r >= b
|
|
then "r"
|
|
else if g >= b
|
|
then "g"
|
|
else "b";
|
|
mn =
|
|
if r <= g && r <= b
|
|
then "r"
|
|
else if g <= b
|
|
then "g"
|
|
else "b";
|
|
cmax =
|
|
if mx == "r"
|
|
then r
|
|
else if mx == "g"
|
|
then g
|
|
else b;
|
|
cmin =
|
|
if mn == "r"
|
|
then r
|
|
else if mn == "g"
|
|
then g
|
|
else b;
|
|
delta = cmax - cmin;
|
|
l = (cmax + cmin) / 2.0;
|
|
s =
|
|
if delta < 0.0001
|
|
then 0.0
|
|
else if l <= 0.5
|
|
then delta / (cmax + cmin)
|
|
else delta / (2.0 - cmax - cmin);
|
|
hue =
|
|
if delta < 0.0001
|
|
then 0.0
|
|
else if mx == "r"
|
|
then let
|
|
raw = 60.0 * (g - b) / delta;
|
|
in
|
|
if raw < 0.0
|
|
then raw + 360.0
|
|
else raw
|
|
else if mx == "g"
|
|
then 60.0 * ((b - r) / delta + 2.0)
|
|
else 60.0 * ((r - g) / delta + 4.0);
|
|
in "${toString (builtins.floor (hue + 0.5))} ${toString (builtins.floor (s * 100.0 + 0.5))} ${
|
|
toString (builtins.floor (l * 100.0 + 0.5))
|
|
}";
|
|
|
|
c = config.stylix.base16Scheme;
|
|
in {
|
|
# 0444 so the glance user inside the container can read the bind-mounted file
|
|
sops.secrets.adguard-pwd.mode = "0444";
|
|
|
|
imports = [
|
|
(mkContainer {
|
|
name = "glance";
|
|
hostIp = hostIp;
|
|
containerIp = "10.233.12.2";
|
|
internet = true;
|
|
bindMounts."/run/secrets/adguard-pwd" = {
|
|
hostPath = config.sops.secrets.adguard-pwd.path;
|
|
isReadOnly = true;
|
|
};
|
|
nixosConfig = {lib, ...}: {
|
|
_module.args.domain = domain;
|
|
_module.args.adguardUrl = "http://${hostIp}:3000";
|
|
imports = [
|
|
./home.nix
|
|
./server.nix
|
|
];
|
|
|
|
services.glance = {
|
|
enable = true;
|
|
settings = {
|
|
server = {
|
|
port = 5678;
|
|
host = "127.0.0.1";
|
|
};
|
|
theme = {
|
|
light = false;
|
|
background-color = hexToGlanceHsl c.base00; # background
|
|
primary-color = hexToGlanceHsl c.base0D; # accent (iris/purple)
|
|
positive-color = hexToGlanceHsl c.base0B; # positive (pine/teal)
|
|
negative-color = hexToGlanceHsl c.base08; # negative (love/rose)
|
|
};
|
|
};
|
|
};
|
|
|
|
services.nginx = {
|
|
enable = true;
|
|
appendHttpConfig = ''
|
|
proxy_cache_path /var/cache/nginx/glance levels=1:2 keys_zone=glance:1m inactive=30m max_size=100m;
|
|
'';
|
|
virtualHosts."glance" = {
|
|
listen = [
|
|
{
|
|
addr = "0.0.0.0";
|
|
port = 8080;
|
|
}
|
|
];
|
|
locations."/" = {
|
|
proxyPass = "http://127.0.0.1:5678";
|
|
extraConfig = ''
|
|
proxy_cache glance;
|
|
proxy_cache_valid 200 30m;
|
|
proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504;
|
|
add_header X-Cache-Status $upstream_cache_status;
|
|
'';
|
|
};
|
|
};
|
|
};
|
|
|
|
networking.firewall.allowedTCPPorts = [8080];
|
|
system.stateVersion = "24.05";
|
|
};
|
|
})
|
|
];
|
|
|
|
services.cloudflared.tunnels."${config.var.tunnelId}".ingress."home.${domain}" = "http://10.233.12.2:8080";
|
|
}
|