+ n8n + baserow

.gitignore

@@ -1,3 +1,3 @@
 /result
 *.qcow2
-#
+\#

flake.nix

@@ -19,7 +19,7 @@
       lib = nixpkgs.lib;
       homecfg = home-manager.lib.homeManagerConfiguration;
     in {
-      nixosConfigurations = {
+nixosConfigurations = {
         lkk-nix-1 = lib.nixosSystem {
           specialArgs = { inherit inputs; };
           modules = [
@@ -27,8 +27,7 @@
             agenix.nixosModules.age
           ];
         };
-      };
-      homeConfigurations = {
+      };      homeConfigurations = {
         # Laptop
         "m3tam3re@m3-nix" = {
           homecfg = {

hosts/common/base/default.nix

@@ -1,4 +1,4 @@
-{ lib, inputs, pkgs, ... }:
+{ config, lib, inputs, pkgs, system, ... }:
 {
   imports = [
     inputs.home-manager.nixosModules.home-manager
@@ -8,4 +8,8 @@
 
   # Allow unfree packages
   nixpkgs.config.allowUnfree = true;
+
+  environment.systemPackages = [
+    inputs.agenix.defaultPackage."x86_64-linux"
+  ];
 }

hosts/common/users/m3tam3re/default.nix

@@ -4,7 +4,7 @@
       "$y$j9T$wOKc3kLsQVtmmyLIN7ljV.$NvdWzwn6p8JNByHoXQqf6/GF3C0JOPHW/D0HgFLQXy4";
     isNormalUser = true;
     description = "m3tam3re";
-    extraGroups = [ "wheel" "networkmanager" "libvirtd" "flatpak" "docker" ];
+    extraGroups = [ "wheel" "networkmanager" "libvirtd" "flatpak" ];
     openssh.authorizedKeys.keys = [
       "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC3YEmpYbM+cpmyD10tzNRHEn526Z3LJOzYpWEKdJg8DaYyPbDn9iyVX30Nja2SrW4Wadws0Y8DW+Urs25/wVB6mKl7jgPJVkMi5hfobu3XAz8gwSdjDzRSWJrhjynuaXiTtRYED2INbvjLuxx3X8coNwMw58OuUuw5kNJp5aS2qFmHEYQErQsGT4MNqESe3jvTP27Z5pSneBj45LmGK+RcaSnJe7hG+KRtjuhjI7RdzMeDCX73SfUsal+rHeuEw/mmjYmiIItXhFTDn8ZvVwpBKv7xsJG90DkaX2vaTk0wgJdMnpVIuIRBa4EkmMWOQ3bMLGkLQeK/4FUkNcvQ/4+zcZsg4cY9Q7Fj55DD41hAUdF6SYODtn5qMPsTCnJz44glHt/oseKXMSd556NIw2HOvihbJW7Rwl4OEjGaO/dF4nUw4c9tHWmMn9dLslAVpUuZOb7ykgP0jk79ldT3Dv+2Hj0CdAWT2cJAdFX58KQ9jUPT3tBnObSF1lGMI7t77VU= m3tam3re@m3-nix"
     ];

hosts/lkk-nix-1/default.nix

@@ -19,7 +19,11 @@
       from = 3000;
       to = 3100;
     }];
-    firewall.allowedTCPPorts = [ 80 443 ];
+    firewall.allowedTCPPorts = [ 80 443 5432 3478 ];
+    firewall.allowedUDPPortRanges = [ {
+      from = 3478;
+      to = 3481;
+    } ];
   };
 
   nix = {

hosts/lkk-nix-1/services/container.nix

@@ -0,0 +1,10 @@
+{ config, pkgs, ... }:
+
+{
+  imports = [ ./containers ];
+
+  virtualisation.podman = {
+    enable = true;
+  };
+  virtualisation.oci-containers.backend = "podman";
+}

hosts/lkk-nix-1/services/containers/baserow.nix

@@ -0,0 +1,18 @@
+{
+  
+  virtualisation.oci-containers.containers."baserow" = {
+      image = "docker.io/baserow/baserow:1.13.3";
+      environment = {
+        BASEROW_PUBLIC_URL = "https://db.lanakk.com";
+      };
+      ports = [ "3001:80" ];
+      volumes = [ "baserow_data:/baserow/data" ];
+      extraOptions = [ "--add-host=postgres:10.88.0.1" ];
+  };
+  services.caddy.extraConfig = ''
+            db.lanakk.com {
+                          reverse_proxy localhost:3001
+            }
+'';
+  
+}

hosts/lkk-nix-1/services/default.nix

@@ -1,7 +1,9 @@
 {
   imports = [
     ./caddy.nix
-    ./docker.nix
+    ./container.nix
     ./gitea.nix
+    ./n8n.nix
+    ./postgres.nix
   ];
 }

hosts/lkk-nix-1/services/docker-containers/baserow.nix

@@ -1,33 +0,0 @@
-{ config, inputs, settings, ... }: {
-
-
-  age.secrets.mj-smtp-user.file = ../../../../secrets/mj-smtp-user.age;
-  age.secrets.mj-smtp-pass.file = ../../../../secrets/mj-smtp-pass.age;
-  
-  virtualisation.arion = {
-    backend = "docker"; #//TODO continue here
-  #   projects = {
-  #     "baserow" = settings.services."baserow".service = {
-  #       image = "";
-  #       restart = "unless-stopped";
-  #       environment = {
-  # BASEROW_PUBLIC_URL = "https://br.lanakk.com";
-  # POSTGRES_USER = "baserow";
-  # POSTGRES_PASSWORD = "baserow";
-  # POSTGRES_DB = "baserow";
-  # DATABASE_HOST = "postgres";
-  # DATABASE_NAME = "baserow";
-  # DATABASE_USER = "baserow";
-  # DATABASE_PASSWORD = "baserow";
-  # DATABASE_PORT = "5432";
-  # FROM_EMAIL = "hi@lanakk.com";
-  # EMAIL_SMTP =  "in-v3.mailjet.com";
-  # EMAIL_SMTP_HOST = "in-v3.mailjet.com"; 
-  # EMAIL_SMTP_PORT = "587";
-  # EMAIL_SMTP_USER = config.age.secrets.mj-smtp-user.path; 
-  # EMAIL_SMTP_PASSWORD = config.age.secrets.mj-smtp-pass.path;
-  #       };
-  #     }; 
-  #   };
-  };
-}

hosts/lkk-nix-1/services/docker.nix

@@ -1,11 +0,0 @@
-{ config, pkgs, ... }:
-{
-  virtualisation.docker = {
-    enable = true;
-    enableOnBoot = true;
-    rootless = {
-      enable = true;
-      setSocketVariable = true;
-    };
-  };
-}

hosts/lkk-nix-1/services/n8n.nix

@@ -0,0 +1,20 @@
+{
+  
+  services.n8n = {
+    enable = true;
+    openFirewall = true;
+    settings = {
+      editorBaseUrl = "https://wf.lanakk.com";
+      host = "https://wf.lanakk.com";
+    };
+  };
+  systemd.services.n8n.environment = {
+    BILLBEE_API_KEY = "12345";
+  };
+  services.caddy.extraConfig = ''
+            wf.lanakk.com {
+                          reverse_proxy localhost:5678
+            }
+'';
+
+}

hosts/lkk-nix-1/services/postgres.nix

@@ -0,0 +1,22 @@
+{ pkgs, config, ... }:
+
+{
+  services.postgresql = {
+    enable = true;
+    enableTCPIP = true;
+    package = pkgs.postgresql_15;
+    authentication = pkgs.lib.mkOverride 10 ''
+      local all all trust
+      host all all 127.0.0.1/32 trust
+      host all all ::1/128 trust
+      host all all 10.88.0.1/16 trust
+    '';
+   initialScript = pkgs.writeText "backend-initScript" ''
+     CREATE USER baserow WITH ENCRYPTED PASSWORD 'baserow';
+     CREATE DATABASE baserow;
+     GRANT ALL PRIVILEGES ON DATABASE baserow TO baserow;
+     ALTER DATABASE baserow OWNER to baserow;
+   '';
+  };
+  #  services.postgresqlBackup.enable = true;
+}