From f21693e76c5e49c3541bda34f36e54663a7ba292 Mon Sep 17 00:00:00 2001
From: m3tam3re <m@m3tam3re.com>
Date: Sun, 12 Feb 2023 16:03:03 +0100
Subject: [PATCH] briefkasten

---
 hosts/lkk-nix-1/default.nix                   |   4 +++
 .../services/containers/briefkasten.nix       |   8 ++++++
 .../lkk-nix-1/services/containers/default.nix |   1 +
 hosts/lkk-nix-1/services/traefik.nix          |  23 +++++++++++++++---
 secrets.nix                                   |   2 ++
 secrets/briefkasten-env.age                   | Bin 0 -> 1023 bytes
 6 files changed, 34 insertions(+), 4 deletions(-)
 create mode 100644 hosts/lkk-nix-1/services/containers/briefkasten.nix
 create mode 100644 secrets/briefkasten-env.age

diff --git a/hosts/lkk-nix-1/default.nix b/hosts/lkk-nix-1/default.nix
index a5cfdfa..c30f519 100644
--- a/hosts/lkk-nix-1/default.nix
+++ b/hosts/lkk-nix-1/default.nix
@@ -57,6 +57,10 @@
         file = ../../secrets/wg-easy-environmentFile.age;
         mode = "770";
       };
+      briefkasten-env = {
+        file = ../../secrets/briefkasten-env.age;
+        mode = "770";
+      };
     };
     identityPaths = [ "/home/m3tam3re/.ssh/lkk-nix-1" ];
   };
diff --git a/hosts/lkk-nix-1/services/containers/briefkasten.nix b/hosts/lkk-nix-1/services/containers/briefkasten.nix
new file mode 100644
index 0000000..28b8ce0
--- /dev/null
+++ b/hosts/lkk-nix-1/services/containers/briefkasten.nix
@@ -0,0 +1,8 @@
+{ config, outputs, ... }: {
+  virtualisation.oci-containers.containers."briefkasten" = {
+    image = "docker.io/ndom91/briefkasten";
+    environmentFiles = [ config.age.secrets.briefkasten-env.path ];    
+    ports = [ "3009:3000" ];
+    extraOptions = [ "--add-host=postgres:10.88.0.1" ];
+  };
+}
diff --git a/hosts/lkk-nix-1/services/containers/default.nix b/hosts/lkk-nix-1/services/containers/default.nix
index aade6c9..028b182 100644
--- a/hosts/lkk-nix-1/services/containers/default.nix
+++ b/hosts/lkk-nix-1/services/containers/default.nix
@@ -1,6 +1,7 @@
 {
   imports = [
     ./baserow.nix
+    ./briefkasten.nix
     ./matomo.nix
     ./nextcloud.nix
     ./wordpress.nix
diff --git a/hosts/lkk-nix-1/services/traefik.nix b/hosts/lkk-nix-1/services/traefik.nix
index 2fc815d..7a46b4e 100644
--- a/hosts/lkk-nix-1/services/traefik.nix
+++ b/hosts/lkk-nix-1/services/traefik.nix
@@ -44,13 +44,19 @@
           baserow.loadBalancer.servers = [{ url = "http://localhost:3001/"; }];
           gitea.loadBalancer.servers = [{ url = "http://localhost:3000/"; }];
           n8n.loadBalancer.servers = [{ url = "http://localhost:5678/"; }];
-          lanakk_blog.loadBalancer.servers = [{ url = "http://localhost:3002/"; }];
+          lanakk_blog.loadBalancer.servers =
+            [{ url = "http://localhost:3002/"; }];
           matomo.loadBalancer.servers = [{ url = "http://localhost:3003/"; }];
           searx.loadBalancer.servers = [{ url = "http://localhost:3004/"; }];
-          nextcloud.loadBalancer.servers = [{ url = "http://localhost:3005/"; }];
-          invidious.loadBalancer.servers = [{ url = "http://localhost:3006/"; }];
-          wireguard.loadBalancer.servers = [{ url = "http://localhost:3007/"; }];
+          nextcloud.loadBalancer.servers =
+            [{ url = "http://localhost:3005/"; }];
+          invidious.loadBalancer.servers =
+            [{ url = "http://localhost:3006/"; }];
+          wireguard.loadBalancer.servers =
+            [{ url = "http://localhost:3007/"; }];
           adguard.loadBalancer.servers = [{ url = "http://localhost:3008/"; }];
+          briefkasten.loadBalancer.servers =
+            [{ url = "http://localhost:3009/"; }];
         };
         routers = {
           api = {
@@ -150,6 +156,15 @@
             middlewares = "auth";
             entrypoints = "websecure";
           };
+          briefkasten = {
+            rule = "Host(`bm.lanakk.com`)";
+            tls = {
+              certResolver = "godaddy";
+              domains = "bm.lanakk.com";
+            };
+            service = "briefkasten";
+            entrypoints = "websecure";
+          };
         };
       };
     };
diff --git a/secrets.nix b/secrets.nix
index b06af93..3f2a359 100644
--- a/secrets.nix
+++ b/secrets.nix
@@ -12,4 +12,6 @@ in {
   "searx-environmentFile.age".publicKeys = [ root ];
 
   "wg-easy-environmentFile.age".publicKeys = [ root ];
+  
+  "briefkasten-env.age".publicKeys = [ root ];
 }
diff --git a/secrets/briefkasten-env.age b/secrets/briefkasten-env.age
new file mode 100644
index 0000000000000000000000000000000000000000..d43467276d2939587ab3543364e6eaa121a5c562
GIT binary patch
literal 1023
zcmWmCZEq6=003Z_2y!7Tum#zKrDmCKsonK%y|(8fv+ecTYp?C~*6Vtw%(QpcyI!w%
zz4qE`tB4B$m1HbvgqbP6u_)-w;$n=zGzN{4=y>r1L^0VwV+<xFFpP;WsDI%3^kgN`
zA!>Z3SvCv0HmFx5unqx^owjOKc2ufa8<tdq9t+TXH41K2WH?_;2>u}|Vv!;HD1*if
zR-@!>%+1FMd(H{PsuV_&R*07*d&Hlqv9wGTDrgjd6e<%G>0&U;W%y9d$}5&tRpm-O
zX-asjs<0;0V#6H5qukJ#Csa(u$GpW{fa7%65NbvVz^4}=IU4klC=1ariZhK&yyY<k
zLlIQfD3pV+m=%PqPp4~!3(09UAsh9Ia)6>+s%jB6z}YBMF-~m3MbVS6i_J8LImdz-
z3{MZ?go&gLDN<nk{1}5GUKTGTB_{Wu&84Fyk5DgzO`s5r=lv{$gehti!f}Z<bR5pQ
zRfCpvN@fCBB;oUFQ8CLpxsnoZDhef|ehB68h-lBGT!2A=vdfn!2jx1?=tL5B+cC)R
zp<F%<g!mXuI(dl;(@v;Cx{(rv(1fI779kOWt6<m#7O-1lvH=s8FGgj(eBI;ErF^wk
zj4B9<GCJCzL@g~u$s&&FV8IA;a?+lMc`||2NoUax6{CPsVxxsn69;86N`QhJP19x8
z6>!$&2Co{y0B8tR9RraV%$VLlqUqr^w^}zb%}`5V1J{B7YxFw@{P{kIR1vdP(WWZl
z-I0K3>m5(UNZSLXtF+7Z$ZoSiHi0CFE2Wy1z%53jgSl3bs0WhuFp9-_z~OM%V6!0`
zkOpV)q8R{Hh6o^L3n`67>6C>fVxpO-8cN0MOged>eMatNk-(-IPw#AL$I7-hwve;v
zj=yH-<R_lij=s0#@9F2Ymtr&Eocey(!KIOP<mYpZ%l}+llR7#1!OGM~$D8Kz-Rqaz
zk`vcozy90w&y{B$JTtkb=hUVXM^fXZ#}>9b4!@v(`*nNwy5}#AoHp<I$Tzt2zR1Xn
z^KE_HqUXY~Qwz#B@SV(C{>(U3`@LuQGo$19#EB2LKfbzm`h0);RTS>*yEWdk_0EQT
z<A=^(Ys>u;=X&Hl$g{u9L)QlLuVRbC?;QWNR@wOEmpAG4sk_RZllOWj_IVD}Z_!7u
zz~2u{?VEq}{M`Jo^wm^x!~Ul>FSqSK3v_jLJY+v`lR0)sa@J0M`cwD9g|}Be-um3Y
z+DI32TkSsc$w6Zy^YZGhfz`!Jf56{qdVxNIySkQMyVf>+W6zDfBFtXN<u6~|ycD9p
Z*!Jg-hu1#*_t|qX-z&G7)9+qv`xhQ)d<_5q

literal 0
HcmV?d00001