{ flake, config, pkgs, lib, ... }: { age.secrets."firefly-secrets.env" = { file = "${flake.self}/secrets/firefly-secrets.env"; mode = "600"; }; age.secrets."firefly-db-secrets.env" = { file = "${flake.self}/secrets/firefly-db-secrets.env"; mode = "600"; }; age.secrets."firefly-importer-secrets.env" = { file = "${flake.self}/secrets/firefly-importer-secrets.env"; mode = "600"; }; services.caddy = { enable = true; extraConfig = '' firefly.b12f.io { reverse_proxy localhost:8080 } firefly-importer.b12f.io { reverse_proxy localhost:8081 } ''; }; systemd.services."docker-network-firefly" = let docker = config.virtualisation.oci-containers.backend; dockerBin = "${pkgs.${docker}}/bin/${docker}"; in { serviceConfig.Type = "oneshot"; before = ["docker-firefly.service"]; script = '' ${dockerBin} network inspect firefly >/dev/null 2>&1 || ${dockerBin} network create firefly --subnet 172.20.0.0/24 ''; }; virtualisation = { oci-containers = { backend = "docker"; containers."firefly" = { image = "fireflyiii/core:latest"; autoStart = true; volumes = [ "/var/lib/firefly/upload:/var/www/html/storage/upload" ]; extraOptions = [ "--network=firefly" ]; environmentFiles = [ ./.env.firefly config.age.secrets."firefly-secrets.env".path ]; ports = [ "8080:8080" ]; dependsOn = [ "firefly-db" ]; }; containers."firefly-db" = { image = "postgres:16"; autoStart = true; volumes = [ "/var/lib/firefly/db:/var/lib/postgresql/data" ]; extraOptions = [ "--network=firefly" ]; environmentFiles = [ config.age.secrets."firefly-db-secrets.env".path ]; }; containers."firefly-importer" = { image = "fireflyiii/data-importer:latest"; autoStart = true; volumes = [ "/var/lib/firefly/db:/var/lib/postgresql/data" ]; extraOptions = [ "--network=firefly" ]; ports = [ "8081:8080" ]; environmentFiles = [ config.age.secrets."firefly-importer-secrets.env".path ]; dependsOn = [ "firefly" ]; }; # containers."cron" = { # image = "alpine"; # autoStart = true; # command = ''sh -c "echo \"0 3 * * * wget -qO- http://firefly:8080/api/v1/cron/REPLACEME\" | crontab - && crond -f -L /dev/stdout"''; # extraOptions = [ "--network=firefly" ]; # }; }; }; }