From a3719416f3c8d03c8decc7af7ad05c8d72113bda Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 27 Jul 2025 15:27:20 -0500 Subject: [PATCH 01/23] feat: added prompter --- secrets/secrets.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/secrets/secrets.yaml b/secrets/secrets.yaml index 004a563..a3599e7 100755 --- a/secrets/secrets.yaml +++ b/secrets/secrets.yaml @@ -50,7 +50,7 @@ firefly-iii-pass: ENC[AES256_GCM,data:eJwIM4YHnXTqTOUfU/0CKMSS534VEZIxkBviI1pd7R opencloud: env: ENC[AES256_GCM,data:JZOs+86/jhHtXuOb4fsk4ceZuFpSa6PAMN2/vmGlvlXvsx/Yk2ZXeZZU0jtwweN8Sk61A2538OdPpfKynBgwsZ2SgoxAIyJtQl3HZWdZzNZ6+/t+AFvvav/x9nUv1O5704FP5OYOMniQAmqu0ds0JIX3YV/cstoo+rNhNW2emlVhj2ABYhTxy0BFJ8A+Re9y5FN5WT4tmloF/21ZrIwtTw8ULQPCksJfTFwEE+cCN3aIWZn00/4zUuv6CEtZeKeOeLxgQL+G2pPhNrQzG+lw+AKLzXA2mJM+3Zfq0MplyXeFCLkV1GCHksrMPp2w5j2RdtfcdE9IP+tXoD/fZNfYgCK1Pk/JhkXcV9EPbz4KUL/+OpgFqh+RvKGPXH2iTV0B8t2Ag7NowxULI2jKw0c=,iv:1ClzjY1n48cQ9bdBewM5A5Lr/c13HbSSYJ7xYCwZDzA=,tag:FavwE2sX+wSgKOEpywFeMw==,type:str] caddy: - prompter-auth: ENC[AES256_GCM,data:KsbdZqs3cTTB4gFBlwosY64axFx+Qe+Q1Ulch2YZJXr3L8Jf05luWsbd1+MS7ZxO0C1M9lryNqFTynAntyp4gXSvN3f8/saAHmiG4Y2jlT8OLaqjZULw1TOlsDXK6CeQkyD6LO6jKrtBEPjS,iv:IBbV0+/ENY/pwn5xfxVPKwn4YpwGmZnRtmA86sppabw=,tag:9YbeHqXFi2KyvuEKgQx9sQ==,type:str] + prompter-auth: ENC[AES256_GCM,data:xt+pov0PWr02uZOQy2Tm46gciPC2LYYEZYaDeNQG7x+s5CrHRPHSeAixEM1mUPdJwqyVAhPlty4YowKY4u4E4aewgvksGsNn588ILHYwbcZz/C5HrCJ1lyvbWoxYnk52ZqippCC13K/0Y9ts,iv:c4vjutvHKq8oH+GmPg4RrfTPDfHVjqyqlIRKzi9fQuU=,tag:nrn+2rp2HBGT8+BmwFJnQQ==,type:str] sops: age: - recipient: age19dpncsdphdt2tmknjs99eghk527pvdrw0m29qjn2z2gg3et5tdtqycqhl0 @@ -62,7 +62,7 @@ sops: bXBOa1VSakoyaWxpODJEOU11QUZCaUEK8Ch9Ten3DdrPHF1DTH2qei85AlHUOaLD aNfzakake7ej+MxJYdKEU0bcWofNMKzIlZa2uM10KZSENDP8d8qlig== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-07-27T19:49:15Z" - mac: ENC[AES256_GCM,data:G8wx83DyZRoq7LFazBNzBk/KCg2uYZ4XBCXH9vPDIIdycKdpKd5/Akh1LcPZg8f7bB4BfmENrFY3pG0CE/J9Xev5O+UHof/z+PNp0bTEQDses0XgCZCeeaOykERtzflibQwj0gOeMfO9a5h5wzLi8Qlk53uQXnoPn+jb3x/sE3Y=,iv:BsMg/NPCIO13bHLPtREewbthnPBk4rC4KZRyeM5yHN4=,tag:LN89FZVpF5IwdqHAjCtz8Q==,type:str] + lastmodified: "2025-07-27T20:27:11Z" + mac: ENC[AES256_GCM,data:oepiCj/jv4PZt3I4q8bVxQ+9Xg6HneKW4ylJw0wGRR1xlnME5v/QcQUgXfwvaKV4TkDy6pB15yaRFq0ZFuysddcFguvJd51GJZEy/rmlTDcenXAl9SM1FZb5kt/ToQxerLXbSMzmTTAB4zhFN6wWAFhilXJDGO+6A/uMM8pzee8=,iv:Y7gYV96znIV+NVXSUlG5vKN3HvYIKI4CIgeYR+uIkUg=,tag:djnKwSi7r1utpqJrIq+iTw==,type:str] unencrypted_suffix: _unencrypted version: 3.10.2 From d443dc59539c6a0e29b23353faeb42f53b59ae84 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 27 Jul 2025 15:53:58 -0500 Subject: [PATCH 02/23] feat: added prompter --- modules/nixos/services/prompter/default.nix | 22 ++++++++------------- secrets/secrets.yaml | 6 +++--- 2 files changed, 11 insertions(+), 17 deletions(-) diff --git a/modules/nixos/services/prompter/default.nix b/modules/nixos/services/prompter/default.nix index 7a2393d..f822cf6 100644 --- a/modules/nixos/services/prompter/default.nix +++ b/modules/nixos/services/prompter/default.nix @@ -9,7 +9,7 @@ in { services = { caddy = { - environmentFile = config.sops.secrets."caddy/prompter-auth".path; + environmentFile = config.sops.secrets."caddy/${service.name}-auth".path; virtualHosts = { "${host}" = { @@ -30,23 +30,17 @@ in sops = let sopsPath = secret: { - path = "${service.sops.path0}/${service.name}-${secret}"; - owner = "root"; - mode = "600"; + path = "${service.sops.path0}/${service.name}-${secret}.env"; + owner = "caddy"; + mode = "0400"; }; in { - secrets = builtins.listToAttrs ( - map - (secret: { - name = "caddy/${secret}"; - value = sopsPath secret; - }) - [ - "${service.name}-auth" - ] - ); + secrets = { + "caddy/${service.name}-auth" = sopsPath "auth"; + }; }; + systemd.tmpfiles.rules = [ "Z ${service.paths.path0} 755 caddy caddy -" "Z ${service.sops.path0} 755 caddy caddy -" diff --git a/secrets/secrets.yaml b/secrets/secrets.yaml index a3599e7..608cb9e 100755 --- a/secrets/secrets.yaml +++ b/secrets/secrets.yaml @@ -50,7 +50,7 @@ firefly-iii-pass: ENC[AES256_GCM,data:eJwIM4YHnXTqTOUfU/0CKMSS534VEZIxkBviI1pd7R opencloud: env: ENC[AES256_GCM,data:JZOs+86/jhHtXuOb4fsk4ceZuFpSa6PAMN2/vmGlvlXvsx/Yk2ZXeZZU0jtwweN8Sk61A2538OdPpfKynBgwsZ2SgoxAIyJtQl3HZWdZzNZ6+/t+AFvvav/x9nUv1O5704FP5OYOMniQAmqu0ds0JIX3YV/cstoo+rNhNW2emlVhj2ABYhTxy0BFJ8A+Re9y5FN5WT4tmloF/21ZrIwtTw8ULQPCksJfTFwEE+cCN3aIWZn00/4zUuv6CEtZeKeOeLxgQL+G2pPhNrQzG+lw+AKLzXA2mJM+3Zfq0MplyXeFCLkV1GCHksrMPp2w5j2RdtfcdE9IP+tXoD/fZNfYgCK1Pk/JhkXcV9EPbz4KUL/+OpgFqh+RvKGPXH2iTV0B8t2Ag7NowxULI2jKw0c=,iv:1ClzjY1n48cQ9bdBewM5A5Lr/c13HbSSYJ7xYCwZDzA=,tag:FavwE2sX+wSgKOEpywFeMw==,type:str] caddy: - prompter-auth: ENC[AES256_GCM,data:xt+pov0PWr02uZOQy2Tm46gciPC2LYYEZYaDeNQG7x+s5CrHRPHSeAixEM1mUPdJwqyVAhPlty4YowKY4u4E4aewgvksGsNn588ILHYwbcZz/C5HrCJ1lyvbWoxYnk52ZqippCC13K/0Y9ts,iv:c4vjutvHKq8oH+GmPg4RrfTPDfHVjqyqlIRKzi9fQuU=,tag:nrn+2rp2HBGT8+BmwFJnQQ==,type:str] + prompter-auth: ENC[AES256_GCM,data:uEj6gruCfcIRoCQY9eNcOka+PAIIhAlKnI+ehZ88aZo90tINcxZ7ZvKqlTJr4rt5o+EO7rvRJcYH/s8/+piszFyxSa64Rtq5KdAjfHnRm0QM8q/2JIHnZsQC3fPz1S177WPs/c3Eydh4VeVe,iv:ZOru4ABFgIy9DoTlMl3InSf8zM1ERNpbRNLN6vy97Jc=,tag:5v3w7kvFQCEPBjchE8K0cw==,type:str] sops: age: - recipient: age19dpncsdphdt2tmknjs99eghk527pvdrw0m29qjn2z2gg3et5tdtqycqhl0 @@ -62,7 +62,7 @@ sops: bXBOa1VSakoyaWxpODJEOU11QUZCaUEK8Ch9Ten3DdrPHF1DTH2qei85AlHUOaLD aNfzakake7ej+MxJYdKEU0bcWofNMKzIlZa2uM10KZSENDP8d8qlig== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-07-27T20:27:11Z" - mac: ENC[AES256_GCM,data:oepiCj/jv4PZt3I4q8bVxQ+9Xg6HneKW4ylJw0wGRR1xlnME5v/QcQUgXfwvaKV4TkDy6pB15yaRFq0ZFuysddcFguvJd51GJZEy/rmlTDcenXAl9SM1FZb5kt/ToQxerLXbSMzmTTAB4zhFN6wWAFhilXJDGO+6A/uMM8pzee8=,iv:Y7gYV96znIV+NVXSUlG5vKN3HvYIKI4CIgeYR+uIkUg=,tag:djnKwSi7r1utpqJrIq+iTw==,type:str] + lastmodified: "2025-07-27T20:53:53Z" + mac: ENC[AES256_GCM,data:xXwsCvG/p0Mrn6NXuWX5gXBvB+9qXsU4S2d9BxByp9Ip2vdmRzbL7Y7rwEkH92bS7p+yPuPF8lVnuMEpTEnlI82cEsag7FaZEfiK2jsZr8iSKnN/nwthTfc9j3GeYyy4KziTyyvJZRv0D3KyeUsjHswgXoGPskrX9gKcLJOa76o=,iv:tt8WSHvGCK5XytyH55obHHrFEqPZex8kI/tynmG8CoY=,tag:qFhiTwq/npRsXVqqid6Dlg==,type:str] unencrypted_suffix: _unencrypted version: 3.10.2 From 67537dc5490c0ffd318424f75535f9bb1a9cc6d8 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 27 Jul 2025 17:52:29 -0500 Subject: [PATCH 03/23] feat: added comfyui to caddy --- modules/config/instances/config/comfyui.nix | 14 +++- modules/nixos/services/acme/default.nix | 1 + secrets/secrets.yaml | 5 +- systems/ceres/config/comfyui.nix | 77 +++++++++++---------- 4 files changed, 56 insertions(+), 41 deletions(-) diff --git a/modules/config/instances/config/comfyui.nix b/modules/config/instances/config/comfyui.nix index b476b6f..5630e01 100755 --- a/modules/config/instances/config/comfyui.nix +++ b/modules/config/instances/config/comfyui.nix @@ -1,7 +1,7 @@ { moduleFunctions }: let inherit (moduleFunctions.instancesFunctions) - domain3 + domain0 servicePath sslPath sopsPath @@ -9,15 +9,20 @@ let label = "ComfyUI"; name = "comfyui"; + subdomain = "comfyui"; + domain = "${subdomain}.${domain0}"; in { label = label; name = name; short = label; - sops = { path0 = "${sopsPath}/${name}"; }; + domains = { + url0 = domain; + }; + subdomain = subdomain; tags = [ name "comfy" @@ -29,5 +34,8 @@ in ports = { port0 = 8188; }; - + ssl = { + cert = "${sslPath}/${domain0}/fullchain.pem"; + key = "${sslPath}/${domain0}/key.pem"; + }; } diff --git a/modules/nixos/services/acme/default.nix b/modules/nixos/services/acme/default.nix index 4a4adf6..18028c5 100755 --- a/modules/nixos/services/acme/default.nix +++ b/modules/nixos/services/acme/default.nix @@ -43,6 +43,7 @@ in "vaultwarden" "opencloud" "prompter" + "comfyui" ] ) ++ (map diff --git a/secrets/secrets.yaml b/secrets/secrets.yaml index 608cb9e..e63538c 100755 --- a/secrets/secrets.yaml +++ b/secrets/secrets.yaml @@ -51,6 +51,7 @@ opencloud: env: ENC[AES256_GCM,data:JZOs+86/jhHtXuOb4fsk4ceZuFpSa6PAMN2/vmGlvlXvsx/Yk2ZXeZZU0jtwweN8Sk61A2538OdPpfKynBgwsZ2SgoxAIyJtQl3HZWdZzNZ6+/t+AFvvav/x9nUv1O5704FP5OYOMniQAmqu0ds0JIX3YV/cstoo+rNhNW2emlVhj2ABYhTxy0BFJ8A+Re9y5FN5WT4tmloF/21ZrIwtTw8ULQPCksJfTFwEE+cCN3aIWZn00/4zUuv6CEtZeKeOeLxgQL+G2pPhNrQzG+lw+AKLzXA2mJM+3Zfq0MplyXeFCLkV1GCHksrMPp2w5j2RdtfcdE9IP+tXoD/fZNfYgCK1Pk/JhkXcV9EPbz4KUL/+OpgFqh+RvKGPXH2iTV0B8t2Ag7NowxULI2jKw0c=,iv:1ClzjY1n48cQ9bdBewM5A5Lr/c13HbSSYJ7xYCwZDzA=,tag:FavwE2sX+wSgKOEpywFeMw==,type:str] caddy: prompter-auth: ENC[AES256_GCM,data:uEj6gruCfcIRoCQY9eNcOka+PAIIhAlKnI+ehZ88aZo90tINcxZ7ZvKqlTJr4rt5o+EO7rvRJcYH/s8/+piszFyxSa64Rtq5KdAjfHnRm0QM8q/2JIHnZsQC3fPz1S177WPs/c3Eydh4VeVe,iv:ZOru4ABFgIy9DoTlMl3InSf8zM1ERNpbRNLN6vy97Jc=,tag:5v3w7kvFQCEPBjchE8K0cw==,type:str] + comfyui-auth: ENC[AES256_GCM,data:YkHxbW/0zTmnrggXKl2jNO4OnBaepmCwB3ZC6d8MPIKf8snWJzAvTq5+X5ABzziwKaypHRTcS6vuNntxKrrD8DS7hX9DqVCZc5WeFHI6S5VzHh3SprW2MF4E8nm4Hj+VHoKGmRSSOU1cfX3J,iv:v0Pid0BCY2QsMNaahBvJd4WWZD115JDLHlOCQvPiaGU=,tag:gpsAgt052NoOyIa9WqJXyg==,type:str] sops: age: - recipient: age19dpncsdphdt2tmknjs99eghk527pvdrw0m29qjn2z2gg3et5tdtqycqhl0 @@ -62,7 +63,7 @@ sops: bXBOa1VSakoyaWxpODJEOU11QUZCaUEK8Ch9Ten3DdrPHF1DTH2qei85AlHUOaLD aNfzakake7ej+MxJYdKEU0bcWofNMKzIlZa2uM10KZSENDP8d8qlig== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-07-27T20:53:53Z" - mac: ENC[AES256_GCM,data:xXwsCvG/p0Mrn6NXuWX5gXBvB+9qXsU4S2d9BxByp9Ip2vdmRzbL7Y7rwEkH92bS7p+yPuPF8lVnuMEpTEnlI82cEsag7FaZEfiK2jsZr8iSKnN/nwthTfc9j3GeYyy4KziTyyvJZRv0D3KyeUsjHswgXoGPskrX9gKcLJOa76o=,iv:tt8WSHvGCK5XytyH55obHHrFEqPZex8kI/tynmG8CoY=,tag:qFhiTwq/npRsXVqqid6Dlg==,type:str] + lastmodified: "2025-07-27T22:50:42Z" + mac: ENC[AES256_GCM,data:iu/l4hWqbT4yZJEmtuAdHKlP5pAmTkjHsCO4el5gOGFi+oRf3cYhXVu11H4NcPP8MHdajvRb9ly+QeQyBdWcgKwVrTHFvSMy/V95gC1Z5nP7sW/uV8hLeMQ/R+mj3a+Dho5fgjbgOubCF8gYj5vckcjJvq0bAxqTBZjqDAu6QQM=,iv:DMZiLphm//e4e9x76Cez/HKubSLbll27nVmMYNuwNuk=,tag:6mN0YyYtBHHKjzNszGh9Yg==,type:str] unencrypted_suffix: _unencrypted version: 3.10.2 diff --git a/systems/ceres/config/comfyui.nix b/systems/ceres/config/comfyui.nix index 371bee3..5c18767 100755 --- a/systems/ceres/config/comfyui.nix +++ b/systems/ceres/config/comfyui.nix @@ -4,54 +4,59 @@ flake, ... }: + let - inherit (flake.config.machines.devices) - ceres - ; - inherit (flake.config.services.instances) - comfyui - web - ; + inherit (flake.config.services.instances) comfyui web; service = comfyui; localhost = web.localhost.address1; + host = service.domains.url0; in { nixpkgs.overlays = [ flake.inputs.nix-comfyui.overlays.default ]; - services.comfyui = { - enable = true; - openFirewall = true; - host = localhost; - package = pkgs.comfyuiPackages.comfyui.override { - extensions = with pkgs.comfyuiPackages.extensions; [ - acly-inpaint - acly-tooling - cubiq-ipadapter-plus - fannovel16-controlnet-aux - ]; - commandLineArgs = [ - "--preview-method" - "auto" - ]; + services = { + comfyui = { + enable = true; + openFirewall = true; + host = localhost; + package = pkgs.comfyuiPackages.comfyui.override { + extensions = with pkgs.comfyuiPackages.extensions; [ + acly-inpaint + acly-tooling + cubiq-ipadapter-plus + fannovel16-controlnet-aux + ]; + commandLineArgs = [ + "--preview-method" + "auto" + ]; + }; + }; + caddy = { + environmentFile = config.sops.secrets."caddy/${service.name}-auth".path; + + virtualHosts = { + "${host}" = { + extraConfig = '' + basicauth { + {$CADDY_AUTH_USER} {$CADDY_AUTH_PASSWORD_HASH} + } + root * ${service.paths.path0} + file_server + encode gzip + try_files {path} /index.html + tls ${service.ssl.cert} ${service.ssl.key} + ''; + }; + }; }; }; - # fileSystems."/var/lib/${service.name}" = { - # device = service.paths.path0; - # fsType = "none"; - # options = [ - # "bind" - # ]; - # depends = [ - # ceres.storage0.mount - # ]; - # }; - # systemd.tmpfiles.rules = [ - # "Z ${service.paths.path0} 755 ${service.name} ${service.name} -" - # "Z ${service.sops.path0} 755 ${service.name} ${service.name} -" - # ]; + systemd.tmpfiles.rules = [ + "Z ${service.sops.path0} 755 caddy caddy -" + ]; users.users.${service.name}.extraGroups = [ "users" From 7a35ad834dedf54716cb6683c9df96341f61f4cc Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 27 Jul 2025 17:53:36 -0500 Subject: [PATCH 04/23] feat: added comfyui to caddy --- systems/ceres/config/comfyui.nix | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/systems/ceres/config/comfyui.nix b/systems/ceres/config/comfyui.nix index 5c18767..18cb5b0 100755 --- a/systems/ceres/config/comfyui.nix +++ b/systems/ceres/config/comfyui.nix @@ -54,6 +54,20 @@ in }; }; + sops = + let + sopsPath = secret: { + path = "${service.sops.path0}/${service.name}-${secret}.env"; + owner = "caddy"; + mode = "0400"; + }; + in + { + secrets = { + "caddy/${service.name}-auth" = sopsPath "auth"; + }; + }; + systemd.tmpfiles.rules = [ "Z ${service.sops.path0} 755 caddy caddy -" ]; From 41c9397735d38ab116173c9dc2557d84fc03c790 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 27 Jul 2025 18:07:10 -0500 Subject: [PATCH 05/23] feat: added comfyui to caddy --- modules/nixos/services/prompter/default.nix | 2 +- systems/ceres/config/comfyui.nix | 9 ++++----- 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/modules/nixos/services/prompter/default.nix b/modules/nixos/services/prompter/default.nix index f822cf6..b38e0dd 100644 --- a/modules/nixos/services/prompter/default.nix +++ b/modules/nixos/services/prompter/default.nix @@ -9,11 +9,11 @@ in { services = { caddy = { - environmentFile = config.sops.secrets."caddy/${service.name}-auth".path; virtualHosts = { "${host}" = { extraConfig = '' + envfile ${config.sops.secrets."caddy/${service.name}-auth".path} basicauth { {$CADDY_AUTH_USER} {$CADDY_AUTH_PASSWORD_HASH} } diff --git a/systems/ceres/config/comfyui.nix b/systems/ceres/config/comfyui.nix index 18cb5b0..6fe189c 100755 --- a/systems/ceres/config/comfyui.nix +++ b/systems/ceres/config/comfyui.nix @@ -35,18 +35,17 @@ in }; }; caddy = { - environmentFile = config.sops.secrets."caddy/${service.name}-auth".path; virtualHosts = { "${host}" = { extraConfig = '' + envfile ${config.sops.secrets."caddy/${service.name}-auth".path} basicauth { {$CADDY_AUTH_USER} {$CADDY_AUTH_PASSWORD_HASH} } - root * ${service.paths.path0} - file_server - encode gzip - try_files {path} /index.html + + reverse_proxy ${localhost}:${toString service.ports.port0} + tls ${service.ssl.cert} ${service.ssl.key} ''; }; From ad3a9e1a26a1e93ce1e077d78b9ec764480698e1 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 27 Jul 2025 18:10:48 -0500 Subject: [PATCH 06/23] feat: added comfyui to caddy --- modules/nixos/services/prompter/default.nix | 3 +-- systems/ceres/config/comfyui.nix | 2 +- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/modules/nixos/services/prompter/default.nix b/modules/nixos/services/prompter/default.nix index b38e0dd..619228c 100644 --- a/modules/nixos/services/prompter/default.nix +++ b/modules/nixos/services/prompter/default.nix @@ -9,13 +9,12 @@ in { services = { caddy = { - virtualHosts = { "${host}" = { extraConfig = '' envfile ${config.sops.secrets."caddy/${service.name}-auth".path} basicauth { - {$CADDY_AUTH_USER} {$CADDY_AUTH_PASSWORD_HASH} + import ${config.sops.secrets."caddy/${service.name}-auth".path} } root * ${service.paths.path0} file_server diff --git a/systems/ceres/config/comfyui.nix b/systems/ceres/config/comfyui.nix index 6fe189c..0f656ef 100755 --- a/systems/ceres/config/comfyui.nix +++ b/systems/ceres/config/comfyui.nix @@ -41,7 +41,7 @@ in extraConfig = '' envfile ${config.sops.secrets."caddy/${service.name}-auth".path} basicauth { - {$CADDY_AUTH_USER} {$CADDY_AUTH_PASSWORD_HASH} + import ${config.sops.secrets."caddy/${service.name}-auth".path} } reverse_proxy ${localhost}:${toString service.ports.port0} From ca798e7e5db1e329b7455ba10109f3e92787a974 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 27 Jul 2025 18:11:02 -0500 Subject: [PATCH 07/23] feat: added comfyui to caddy --- modules/nixos/services/prompter/default.nix | 1 - systems/ceres/config/comfyui.nix | 1 - 2 files changed, 2 deletions(-) diff --git a/modules/nixos/services/prompter/default.nix b/modules/nixos/services/prompter/default.nix index 619228c..af01775 100644 --- a/modules/nixos/services/prompter/default.nix +++ b/modules/nixos/services/prompter/default.nix @@ -12,7 +12,6 @@ in virtualHosts = { "${host}" = { extraConfig = '' - envfile ${config.sops.secrets."caddy/${service.name}-auth".path} basicauth { import ${config.sops.secrets."caddy/${service.name}-auth".path} } diff --git a/systems/ceres/config/comfyui.nix b/systems/ceres/config/comfyui.nix index 0f656ef..2588aef 100755 --- a/systems/ceres/config/comfyui.nix +++ b/systems/ceres/config/comfyui.nix @@ -39,7 +39,6 @@ in virtualHosts = { "${host}" = { extraConfig = '' - envfile ${config.sops.secrets."caddy/${service.name}-auth".path} basicauth { import ${config.sops.secrets."caddy/${service.name}-auth".path} } From 09a546cf7cb5756be7a36b3cbb1fa9b546a0c78c Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 27 Jul 2025 18:22:08 -0500 Subject: [PATCH 08/23] feat: added comfyui to caddy --- modules/nixos/services/prompter/default.nix | 4 +++- systems/ceres/config/comfyui.nix | 18 ++---------------- 2 files changed, 5 insertions(+), 17 deletions(-) diff --git a/modules/nixos/services/prompter/default.nix b/modules/nixos/services/prompter/default.nix index af01775..f822cf6 100644 --- a/modules/nixos/services/prompter/default.nix +++ b/modules/nixos/services/prompter/default.nix @@ -9,11 +9,13 @@ in { services = { caddy = { + environmentFile = config.sops.secrets."caddy/${service.name}-auth".path; + virtualHosts = { "${host}" = { extraConfig = '' basicauth { - import ${config.sops.secrets."caddy/${service.name}-auth".path} + {$CADDY_AUTH_USER} {$CADDY_AUTH_PASSWORD_HASH} } root * ${service.paths.path0} file_server diff --git a/systems/ceres/config/comfyui.nix b/systems/ceres/config/comfyui.nix index 2588aef..5354f71 100755 --- a/systems/ceres/config/comfyui.nix +++ b/systems/ceres/config/comfyui.nix @@ -35,12 +35,11 @@ in }; }; caddy = { - virtualHosts = { "${host}" = { extraConfig = '' basicauth { - import ${config.sops.secrets."caddy/${service.name}-auth".path} + {$CADDY_AUTH_USER} {$CADDY_AUTH_PASSWORD_HASH} } reverse_proxy ${localhost}:${toString service.ports.port0} @@ -52,26 +51,13 @@ in }; }; - sops = - let - sopsPath = secret: { - path = "${service.sops.path0}/${service.name}-${secret}.env"; - owner = "caddy"; - mode = "0400"; - }; - in - { - secrets = { - "caddy/${service.name}-auth" = sopsPath "auth"; - }; - }; - systemd.tmpfiles.rules = [ "Z ${service.sops.path0} 755 caddy caddy -" ]; users.users.${service.name}.extraGroups = [ "users" + "caddy" ]; networking = { From cd09949bee247b2c58d5b097a240fd6fc77b9254 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 27 Jul 2025 19:15:22 -0500 Subject: [PATCH 09/23] feat: added python tooling --- .../cli/development/tooling/python/default.nix | 14 ++++++++++++++ 1 file changed, 14 insertions(+) create mode 100644 modules/home/cli/development/tooling/python/default.nix diff --git a/modules/home/cli/development/tooling/python/default.nix b/modules/home/cli/development/tooling/python/default.nix new file mode 100644 index 0000000..e390cfc --- /dev/null +++ b/modules/home/cli/development/tooling/python/default.nix @@ -0,0 +1,14 @@ +{ + pkgs, + ... +}: +{ + home.packages = builtins.attrValues { + inherit (pkgs) + python314 + ; + inherit (pkgs.python313Packages) + venvShellHook + ; + }; +} From 59957cdc78545939f75a773bd1f268dd015de871 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 27 Jul 2025 20:06:47 -0500 Subject: [PATCH 10/23] feat: added python tooling --- systems/ceres/config/comfyui.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/systems/ceres/config/comfyui.nix b/systems/ceres/config/comfyui.nix index 5354f71..8165c16 100755 --- a/systems/ceres/config/comfyui.nix +++ b/systems/ceres/config/comfyui.nix @@ -18,7 +18,7 @@ in services = { comfyui = { - enable = true; + enable = false; openFirewall = true; host = localhost; package = pkgs.comfyuiPackages.comfyui.override { From 31d60229f73ee46b6cc5729c7948c2a8180ca84b Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 27 Jul 2025 20:09:21 -0500 Subject: [PATCH 11/23] feat: comfyui-test --- modules/nixos/default.nix | 2 +- systems/ceres/config/comfyui.nix | 124 ++++++++++++++++--------------- 2 files changed, 64 insertions(+), 62 deletions(-) diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix index c811d04..1590c81 100755 --- a/modules/nixos/default.nix +++ b/modules/nixos/default.nix @@ -64,7 +64,7 @@ in searx vaultwarden website - comfyui + # comfyui prompter ; }; diff --git a/systems/ceres/config/comfyui.nix b/systems/ceres/config/comfyui.nix index 8165c16..bb12f63 100755 --- a/systems/ceres/config/comfyui.nix +++ b/systems/ceres/config/comfyui.nix @@ -1,70 +1,72 @@ { - config, - pkgs, - flake, - ... -}: + # { + # config, + # pkgs, + # flake, + # ... + # }: -let - inherit (flake.config.services.instances) comfyui web; - service = comfyui; - localhost = web.localhost.address1; - host = service.domains.url0; -in -{ - nixpkgs.overlays = [ - flake.inputs.nix-comfyui.overlays.default - ]; + # let + # inherit (flake.config.services.instances) comfyui web; + # service = comfyui; + # localhost = web.localhost.address1; + # host = service.domains.url0; + # in + # { + # nixpkgs.overlays = [ + # flake.inputs.nix-comfyui.overlays.default + # ]; - services = { - comfyui = { - enable = false; - openFirewall = true; - host = localhost; - package = pkgs.comfyuiPackages.comfyui.override { - extensions = with pkgs.comfyuiPackages.extensions; [ - acly-inpaint - acly-tooling - cubiq-ipadapter-plus - fannovel16-controlnet-aux - ]; - commandLineArgs = [ - "--preview-method" - "auto" - ]; - }; - }; - caddy = { - virtualHosts = { - "${host}" = { - extraConfig = '' - basicauth { - {$CADDY_AUTH_USER} {$CADDY_AUTH_PASSWORD_HASH} - } + # services = { + # comfyui = { + # enable = true; + # openFirewall = true; + # host = localhost; + # package = pkgs.comfyuiPackages.comfyui.override { + # extensions = with pkgs.comfyuiPackages.extensions; [ + # acly-inpaint + # acly-tooling + # cubiq-ipadapter-plus + # fannovel16-controlnet-aux + # ]; + # commandLineArgs = [ + # "--preview-method" + # "auto" + # ]; + # }; + # }; + # caddy = { + # virtualHosts = { + # "${host}" = { + # extraConfig = '' + # basicauth { + # {$CADDY_AUTH_USER} {$CADDY_AUTH_PASSWORD_HASH} + # } - reverse_proxy ${localhost}:${toString service.ports.port0} + # reverse_proxy ${localhost}:${toString service.ports.port0} - tls ${service.ssl.cert} ${service.ssl.key} - ''; - }; - }; - }; - }; + # tls ${service.ssl.cert} ${service.ssl.key} + # ''; + # }; + # }; + # }; + # }; - systemd.tmpfiles.rules = [ - "Z ${service.sops.path0} 755 caddy caddy -" - ]; + # systemd.tmpfiles.rules = [ + # "Z ${service.sops.path0} 755 caddy caddy -" + # ]; - users.users.${service.name}.extraGroups = [ - "users" - "caddy" - ]; + # users.users.${service.name}.extraGroups = [ + # "users" + # "caddy" + # ]; - networking = { - firewall = { - allowedTCPPorts = [ - service.ports.port0 - ]; - }; - }; + # networking = { + # firewall = { + # allowedTCPPorts = [ + # service.ports.port0 + # ]; + # }; + # }; + # } } From 21ef27f8d99d736542973d8f298bc69604102261 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 27 Jul 2025 20:11:52 -0500 Subject: [PATCH 12/23] feat: comfyui-test --- modules/nixos/default.nix | 2 +- systems/ceres/config/comfyui.nix | 124 +++++++++++++++---------------- 2 files changed, 62 insertions(+), 64 deletions(-) diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix index 1590c81..c811d04 100755 --- a/modules/nixos/default.nix +++ b/modules/nixos/default.nix @@ -64,7 +64,7 @@ in searx vaultwarden website - # comfyui + comfyui prompter ; }; diff --git a/systems/ceres/config/comfyui.nix b/systems/ceres/config/comfyui.nix index bb12f63..5354f71 100755 --- a/systems/ceres/config/comfyui.nix +++ b/systems/ceres/config/comfyui.nix @@ -1,72 +1,70 @@ { - # { - # config, - # pkgs, - # flake, - # ... - # }: + config, + pkgs, + flake, + ... +}: - # let - # inherit (flake.config.services.instances) comfyui web; - # service = comfyui; - # localhost = web.localhost.address1; - # host = service.domains.url0; - # in - # { - # nixpkgs.overlays = [ - # flake.inputs.nix-comfyui.overlays.default - # ]; +let + inherit (flake.config.services.instances) comfyui web; + service = comfyui; + localhost = web.localhost.address1; + host = service.domains.url0; +in +{ + nixpkgs.overlays = [ + flake.inputs.nix-comfyui.overlays.default + ]; - # services = { - # comfyui = { - # enable = true; - # openFirewall = true; - # host = localhost; - # package = pkgs.comfyuiPackages.comfyui.override { - # extensions = with pkgs.comfyuiPackages.extensions; [ - # acly-inpaint - # acly-tooling - # cubiq-ipadapter-plus - # fannovel16-controlnet-aux - # ]; - # commandLineArgs = [ - # "--preview-method" - # "auto" - # ]; - # }; - # }; - # caddy = { - # virtualHosts = { - # "${host}" = { - # extraConfig = '' - # basicauth { - # {$CADDY_AUTH_USER} {$CADDY_AUTH_PASSWORD_HASH} - # } + services = { + comfyui = { + enable = true; + openFirewall = true; + host = localhost; + package = pkgs.comfyuiPackages.comfyui.override { + extensions = with pkgs.comfyuiPackages.extensions; [ + acly-inpaint + acly-tooling + cubiq-ipadapter-plus + fannovel16-controlnet-aux + ]; + commandLineArgs = [ + "--preview-method" + "auto" + ]; + }; + }; + caddy = { + virtualHosts = { + "${host}" = { + extraConfig = '' + basicauth { + {$CADDY_AUTH_USER} {$CADDY_AUTH_PASSWORD_HASH} + } - # reverse_proxy ${localhost}:${toString service.ports.port0} + reverse_proxy ${localhost}:${toString service.ports.port0} - # tls ${service.ssl.cert} ${service.ssl.key} - # ''; - # }; - # }; - # }; - # }; + tls ${service.ssl.cert} ${service.ssl.key} + ''; + }; + }; + }; + }; - # systemd.tmpfiles.rules = [ - # "Z ${service.sops.path0} 755 caddy caddy -" - # ]; + systemd.tmpfiles.rules = [ + "Z ${service.sops.path0} 755 caddy caddy -" + ]; - # users.users.${service.name}.extraGroups = [ - # "users" - # "caddy" - # ]; + users.users.${service.name}.extraGroups = [ + "users" + "caddy" + ]; - # networking = { - # firewall = { - # allowedTCPPorts = [ - # service.ports.port0 - # ]; - # }; - # }; - # } + networking = { + firewall = { + allowedTCPPorts = [ + service.ports.port0 + ]; + }; + }; } From 3fbc7242479b006b8585f438d1831e138aada75b Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 27 Jul 2025 21:35:37 -0500 Subject: [PATCH 13/23] feat: comfyui-test --- modules/nixos/services/comfyui/default.nix | 16 ++++++++-------- systems/ceres/config/comfyui.nix | 12 ++++++------ 2 files changed, 14 insertions(+), 14 deletions(-) diff --git a/modules/nixos/services/comfyui/default.nix b/modules/nixos/services/comfyui/default.nix index 90cb702..0093e24 100755 --- a/modules/nixos/services/comfyui/default.nix +++ b/modules/nixos/services/comfyui/default.nix @@ -20,14 +20,14 @@ in package = mkOption { type = types.package; default = pkgs.comfyuiPackages.comfyui.override { - extensions = with pkgs.comfyuiPackages.extensions; [ - # Add desired extensions here - # Example extensions: - # acly-inpaint - # acly-tooling - # cubiq-ipadapter-plus - # fannovel16-controlnet-aux - ]; + # extensions = with pkgs.comfyuiPackages.extensions; [ + # # Add desired extensions here + # # Example extensions: + # # acly-inpaint + # # acly-tooling + # # cubiq-ipadapter-plus + # # fannovel16-controlnet-aux + # ]; commandLineArgs = [ "--preview-method" "auto" diff --git a/systems/ceres/config/comfyui.nix b/systems/ceres/config/comfyui.nix index 5354f71..e9f16ec 100755 --- a/systems/ceres/config/comfyui.nix +++ b/systems/ceres/config/comfyui.nix @@ -22,12 +22,12 @@ in openFirewall = true; host = localhost; package = pkgs.comfyuiPackages.comfyui.override { - extensions = with pkgs.comfyuiPackages.extensions; [ - acly-inpaint - acly-tooling - cubiq-ipadapter-plus - fannovel16-controlnet-aux - ]; + # extensions = with pkgs.comfyuiPackages.extensions; [ + # acly-inpaint + # acly-tooling + # cubiq-ipadapter-plus + # fannovel16-controlnet-aux + # ]; commandLineArgs = [ "--preview-method" "auto" From 5ca52b6ef81628919c4ac35f542c6aa90a1cb810 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 27 Jul 2025 21:39:10 -0500 Subject: [PATCH 14/23] feat: comfyui-test --- modules/nixos/services/comfyui/default.nix | 16 ++++++++-------- systems/ceres/config/comfyui.nix | 12 ++++++------ 2 files changed, 14 insertions(+), 14 deletions(-) diff --git a/modules/nixos/services/comfyui/default.nix b/modules/nixos/services/comfyui/default.nix index 0093e24..90cb702 100755 --- a/modules/nixos/services/comfyui/default.nix +++ b/modules/nixos/services/comfyui/default.nix @@ -20,14 +20,14 @@ in package = mkOption { type = types.package; default = pkgs.comfyuiPackages.comfyui.override { - # extensions = with pkgs.comfyuiPackages.extensions; [ - # # Add desired extensions here - # # Example extensions: - # # acly-inpaint - # # acly-tooling - # # cubiq-ipadapter-plus - # # fannovel16-controlnet-aux - # ]; + extensions = with pkgs.comfyuiPackages.extensions; [ + # Add desired extensions here + # Example extensions: + # acly-inpaint + # acly-tooling + # cubiq-ipadapter-plus + # fannovel16-controlnet-aux + ]; commandLineArgs = [ "--preview-method" "auto" diff --git a/systems/ceres/config/comfyui.nix b/systems/ceres/config/comfyui.nix index e9f16ec..01aefb0 100755 --- a/systems/ceres/config/comfyui.nix +++ b/systems/ceres/config/comfyui.nix @@ -22,12 +22,12 @@ in openFirewall = true; host = localhost; package = pkgs.comfyuiPackages.comfyui.override { - # extensions = with pkgs.comfyuiPackages.extensions; [ - # acly-inpaint - # acly-tooling - # cubiq-ipadapter-plus - # fannovel16-controlnet-aux - # ]; + extensions = with pkgs.comfyuiPackages.extensions; [ + # acly-inpaint + # acly-tooling + # cubiq-ipadapter-plus + # fannovel16-controlnet-aux + ]; commandLineArgs = [ "--preview-method" "auto" From 6d27fabd0ed0ff9f6faec428a410f21b409b80e4 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 27 Jul 2025 21:43:53 -0500 Subject: [PATCH 15/23] feat: comfyui-test --- modules/nixos/default.nix | 2 +- modules/nixos/services/comfyui/default.nix | 16 ++++++++-------- systems/ceres/config/comfyui.nix | 12 ++++++------ 3 files changed, 15 insertions(+), 15 deletions(-) diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix index c811d04..1590c81 100755 --- a/modules/nixos/default.nix +++ b/modules/nixos/default.nix @@ -64,7 +64,7 @@ in searx vaultwarden website - comfyui + # comfyui prompter ; }; diff --git a/modules/nixos/services/comfyui/default.nix b/modules/nixos/services/comfyui/default.nix index 90cb702..0093e24 100755 --- a/modules/nixos/services/comfyui/default.nix +++ b/modules/nixos/services/comfyui/default.nix @@ -20,14 +20,14 @@ in package = mkOption { type = types.package; default = pkgs.comfyuiPackages.comfyui.override { - extensions = with pkgs.comfyuiPackages.extensions; [ - # Add desired extensions here - # Example extensions: - # acly-inpaint - # acly-tooling - # cubiq-ipadapter-plus - # fannovel16-controlnet-aux - ]; + # extensions = with pkgs.comfyuiPackages.extensions; [ + # # Add desired extensions here + # # Example extensions: + # # acly-inpaint + # # acly-tooling + # # cubiq-ipadapter-plus + # # fannovel16-controlnet-aux + # ]; commandLineArgs = [ "--preview-method" "auto" diff --git a/systems/ceres/config/comfyui.nix b/systems/ceres/config/comfyui.nix index 01aefb0..8c3143c 100755 --- a/systems/ceres/config/comfyui.nix +++ b/systems/ceres/config/comfyui.nix @@ -22,12 +22,12 @@ in openFirewall = true; host = localhost; package = pkgs.comfyuiPackages.comfyui.override { - extensions = with pkgs.comfyuiPackages.extensions; [ - # acly-inpaint - # acly-tooling - # cubiq-ipadapter-plus - # fannovel16-controlnet-aux - ]; + # extensions = with pkgs.comfyuiPackages.extensions; [ + # # acly-inpaint + # # acly-tooling + # # cubiq-ipadapter-plus + # # fannovel16-controlnet-aux + # ]; commandLineArgs = [ "--preview-method" "auto" From a659aa170410edc5b423ff726bcf9106caccf768 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 27 Jul 2025 21:45:30 -0500 Subject: [PATCH 16/23] feat: comfyui-test --- systems/ceres/config/comfyui.nix | 122 +++++++++++++++---------------- 1 file changed, 61 insertions(+), 61 deletions(-) diff --git a/systems/ceres/config/comfyui.nix b/systems/ceres/config/comfyui.nix index 8c3143c..3fbdcc0 100755 --- a/systems/ceres/config/comfyui.nix +++ b/systems/ceres/config/comfyui.nix @@ -1,70 +1,70 @@ { - config, - pkgs, - flake, - ... -}: + # config, + # pkgs, + # flake, + # ... + # }: -let - inherit (flake.config.services.instances) comfyui web; - service = comfyui; - localhost = web.localhost.address1; - host = service.domains.url0; -in -{ - nixpkgs.overlays = [ - flake.inputs.nix-comfyui.overlays.default - ]; + # let + # inherit (flake.config.services.instances) comfyui web; + # service = comfyui; + # localhost = web.localhost.address1; + # host = service.domains.url0; + # in + # { + # nixpkgs.overlays = [ + # flake.inputs.nix-comfyui.overlays.default + # ]; - services = { - comfyui = { - enable = true; - openFirewall = true; - host = localhost; - package = pkgs.comfyuiPackages.comfyui.override { - # extensions = with pkgs.comfyuiPackages.extensions; [ - # # acly-inpaint - # # acly-tooling - # # cubiq-ipadapter-plus - # # fannovel16-controlnet-aux - # ]; - commandLineArgs = [ - "--preview-method" - "auto" - ]; - }; - }; - caddy = { - virtualHosts = { - "${host}" = { - extraConfig = '' - basicauth { - {$CADDY_AUTH_USER} {$CADDY_AUTH_PASSWORD_HASH} - } + # services = { + # comfyui = { + # enable = true; + # openFirewall = true; + # host = localhost; + # package = pkgs.comfyuiPackages.comfyui.override { + # # extensions = with pkgs.comfyuiPackages.extensions; [ + # # # acly-inpaint + # # # acly-tooling + # # # cubiq-ipadapter-plus + # # # fannovel16-controlnet-aux + # # ]; + # commandLineArgs = [ + # "--preview-method" + # "auto" + # ]; + # }; + # }; + # caddy = { + # virtualHosts = { + # "${host}" = { + # extraConfig = '' + # basicauth { + # {$CADDY_AUTH_USER} {$CADDY_AUTH_PASSWORD_HASH} + # } - reverse_proxy ${localhost}:${toString service.ports.port0} + # reverse_proxy ${localhost}:${toString service.ports.port0} - tls ${service.ssl.cert} ${service.ssl.key} - ''; - }; - }; - }; - }; + # tls ${service.ssl.cert} ${service.ssl.key} + # ''; + # }; + # }; + # }; + # }; - systemd.tmpfiles.rules = [ - "Z ${service.sops.path0} 755 caddy caddy -" - ]; + # systemd.tmpfiles.rules = [ + # "Z ${service.sops.path0} 755 caddy caddy -" + # ]; - users.users.${service.name}.extraGroups = [ - "users" - "caddy" - ]; + # users.users.${service.name}.extraGroups = [ + # "users" + # "caddy" + # ]; - networking = { - firewall = { - allowedTCPPorts = [ - service.ports.port0 - ]; - }; - }; + # networking = { + # firewall = { + # allowedTCPPorts = [ + # service.ports.port0 + # ]; + # }; + # }; } From 25d1a2304f7b7e39a77074b7193896df80716516 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 27 Jul 2025 21:47:58 -0500 Subject: [PATCH 17/23] feat: comfyui-test --- modules/nixos/default.nix | 2 +- systems/ceres/config/comfyui.nix | 122 +++++++++++++++---------------- 2 files changed, 62 insertions(+), 62 deletions(-) diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix index 1590c81..c811d04 100755 --- a/modules/nixos/default.nix +++ b/modules/nixos/default.nix @@ -64,7 +64,7 @@ in searx vaultwarden website - # comfyui + comfyui prompter ; }; diff --git a/systems/ceres/config/comfyui.nix b/systems/ceres/config/comfyui.nix index 3fbdcc0..8c3143c 100755 --- a/systems/ceres/config/comfyui.nix +++ b/systems/ceres/config/comfyui.nix @@ -1,70 +1,70 @@ { - # config, - # pkgs, - # flake, - # ... - # }: + config, + pkgs, + flake, + ... +}: - # let - # inherit (flake.config.services.instances) comfyui web; - # service = comfyui; - # localhost = web.localhost.address1; - # host = service.domains.url0; - # in - # { - # nixpkgs.overlays = [ - # flake.inputs.nix-comfyui.overlays.default - # ]; +let + inherit (flake.config.services.instances) comfyui web; + service = comfyui; + localhost = web.localhost.address1; + host = service.domains.url0; +in +{ + nixpkgs.overlays = [ + flake.inputs.nix-comfyui.overlays.default + ]; - # services = { - # comfyui = { - # enable = true; - # openFirewall = true; - # host = localhost; - # package = pkgs.comfyuiPackages.comfyui.override { - # # extensions = with pkgs.comfyuiPackages.extensions; [ - # # # acly-inpaint - # # # acly-tooling - # # # cubiq-ipadapter-plus - # # # fannovel16-controlnet-aux - # # ]; - # commandLineArgs = [ - # "--preview-method" - # "auto" - # ]; - # }; - # }; - # caddy = { - # virtualHosts = { - # "${host}" = { - # extraConfig = '' - # basicauth { - # {$CADDY_AUTH_USER} {$CADDY_AUTH_PASSWORD_HASH} - # } + services = { + comfyui = { + enable = true; + openFirewall = true; + host = localhost; + package = pkgs.comfyuiPackages.comfyui.override { + # extensions = with pkgs.comfyuiPackages.extensions; [ + # # acly-inpaint + # # acly-tooling + # # cubiq-ipadapter-plus + # # fannovel16-controlnet-aux + # ]; + commandLineArgs = [ + "--preview-method" + "auto" + ]; + }; + }; + caddy = { + virtualHosts = { + "${host}" = { + extraConfig = '' + basicauth { + {$CADDY_AUTH_USER} {$CADDY_AUTH_PASSWORD_HASH} + } - # reverse_proxy ${localhost}:${toString service.ports.port0} + reverse_proxy ${localhost}:${toString service.ports.port0} - # tls ${service.ssl.cert} ${service.ssl.key} - # ''; - # }; - # }; - # }; - # }; + tls ${service.ssl.cert} ${service.ssl.key} + ''; + }; + }; + }; + }; - # systemd.tmpfiles.rules = [ - # "Z ${service.sops.path0} 755 caddy caddy -" - # ]; + systemd.tmpfiles.rules = [ + "Z ${service.sops.path0} 755 caddy caddy -" + ]; - # users.users.${service.name}.extraGroups = [ - # "users" - # "caddy" - # ]; + users.users.${service.name}.extraGroups = [ + "users" + "caddy" + ]; - # networking = { - # firewall = { - # allowedTCPPorts = [ - # service.ports.port0 - # ]; - # }; - # }; + networking = { + firewall = { + allowedTCPPorts = [ + service.ports.port0 + ]; + }; + }; } From d18754dee6dd6412570b6cc1735cb842805d9881 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 27 Jul 2025 21:49:46 -0500 Subject: [PATCH 18/23] feat: comfyui-test --- modules/nixos/services/comfyui/default.nix | 16 ++++++++-------- systems/ceres/config/comfyui.nix | 12 ++++++------ 2 files changed, 14 insertions(+), 14 deletions(-) diff --git a/modules/nixos/services/comfyui/default.nix b/modules/nixos/services/comfyui/default.nix index 0093e24..90cb702 100755 --- a/modules/nixos/services/comfyui/default.nix +++ b/modules/nixos/services/comfyui/default.nix @@ -20,14 +20,14 @@ in package = mkOption { type = types.package; default = pkgs.comfyuiPackages.comfyui.override { - # extensions = with pkgs.comfyuiPackages.extensions; [ - # # Add desired extensions here - # # Example extensions: - # # acly-inpaint - # # acly-tooling - # # cubiq-ipadapter-plus - # # fannovel16-controlnet-aux - # ]; + extensions = with pkgs.comfyuiPackages.extensions; [ + # Add desired extensions here + # Example extensions: + # acly-inpaint + # acly-tooling + # cubiq-ipadapter-plus + # fannovel16-controlnet-aux + ]; commandLineArgs = [ "--preview-method" "auto" diff --git a/systems/ceres/config/comfyui.nix b/systems/ceres/config/comfyui.nix index 8c3143c..01aefb0 100755 --- a/systems/ceres/config/comfyui.nix +++ b/systems/ceres/config/comfyui.nix @@ -22,12 +22,12 @@ in openFirewall = true; host = localhost; package = pkgs.comfyuiPackages.comfyui.override { - # extensions = with pkgs.comfyuiPackages.extensions; [ - # # acly-inpaint - # # acly-tooling - # # cubiq-ipadapter-plus - # # fannovel16-controlnet-aux - # ]; + extensions = with pkgs.comfyuiPackages.extensions; [ + # acly-inpaint + # acly-tooling + # cubiq-ipadapter-plus + # fannovel16-controlnet-aux + ]; commandLineArgs = [ "--preview-method" "auto" From d3db3772068af910f0f32c1ff3e51e7bec3e8894 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 27 Jul 2025 21:50:48 -0500 Subject: [PATCH 19/23] feat: comfyui-test --- modules/nixos/default.nix | 2 +- systems/ceres/config/comfyui.nix | 122 +++++++++++++++---------------- 2 files changed, 62 insertions(+), 62 deletions(-) diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix index c811d04..1590c81 100755 --- a/modules/nixos/default.nix +++ b/modules/nixos/default.nix @@ -64,7 +64,7 @@ in searx vaultwarden website - comfyui + # comfyui prompter ; }; diff --git a/systems/ceres/config/comfyui.nix b/systems/ceres/config/comfyui.nix index 01aefb0..b433ac8 100755 --- a/systems/ceres/config/comfyui.nix +++ b/systems/ceres/config/comfyui.nix @@ -1,70 +1,70 @@ { - config, - pkgs, - flake, - ... -}: + # config, + # pkgs, + # flake, + # ... + # }: -let - inherit (flake.config.services.instances) comfyui web; - service = comfyui; - localhost = web.localhost.address1; - host = service.domains.url0; -in -{ - nixpkgs.overlays = [ - flake.inputs.nix-comfyui.overlays.default - ]; + # let + # inherit (flake.config.services.instances) comfyui web; + # service = comfyui; + # localhost = web.localhost.address1; + # host = service.domains.url0; + # in + # { + # nixpkgs.overlays = [ + # flake.inputs.nix-comfyui.overlays.default + # ]; - services = { - comfyui = { - enable = true; - openFirewall = true; - host = localhost; - package = pkgs.comfyuiPackages.comfyui.override { - extensions = with pkgs.comfyuiPackages.extensions; [ - # acly-inpaint - # acly-tooling - # cubiq-ipadapter-plus - # fannovel16-controlnet-aux - ]; - commandLineArgs = [ - "--preview-method" - "auto" - ]; - }; - }; - caddy = { - virtualHosts = { - "${host}" = { - extraConfig = '' - basicauth { - {$CADDY_AUTH_USER} {$CADDY_AUTH_PASSWORD_HASH} - } + # services = { + # comfyui = { + # enable = true; + # openFirewall = true; + # host = localhost; + # package = pkgs.comfyuiPackages.comfyui.override { + # extensions = with pkgs.comfyuiPackages.extensions; [ + # # acly-inpaint + # # acly-tooling + # # cubiq-ipadapter-plus + # # fannovel16-controlnet-aux + # ]; + # commandLineArgs = [ + # "--preview-method" + # "auto" + # ]; + # }; + # }; + # caddy = { + # virtualHosts = { + # "${host}" = { + # extraConfig = '' + # basicauth { + # {$CADDY_AUTH_USER} {$CADDY_AUTH_PASSWORD_HASH} + # } - reverse_proxy ${localhost}:${toString service.ports.port0} + # reverse_proxy ${localhost}:${toString service.ports.port0} - tls ${service.ssl.cert} ${service.ssl.key} - ''; - }; - }; - }; - }; + # tls ${service.ssl.cert} ${service.ssl.key} + # ''; + # }; + # }; + # }; + # }; - systemd.tmpfiles.rules = [ - "Z ${service.sops.path0} 755 caddy caddy -" - ]; + # systemd.tmpfiles.rules = [ + # "Z ${service.sops.path0} 755 caddy caddy -" + # ]; - users.users.${service.name}.extraGroups = [ - "users" - "caddy" - ]; + # users.users.${service.name}.extraGroups = [ + # "users" + # "caddy" + # ]; - networking = { - firewall = { - allowedTCPPorts = [ - service.ports.port0 - ]; - }; - }; + # networking = { + # firewall = { + # allowedTCPPorts = [ + # service.ports.port0 + # ]; + # }; + # }; } From 3095a75c52f2b589e3ac33a002d1531bfec554c0 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 27 Jul 2025 21:51:54 -0500 Subject: [PATCH 20/23] feat: comfyui-test --- modules/nixos/default.nix | 2 +- systems/ceres/config/comfyui.nix | 122 +++++++++++++++---------------- 2 files changed, 62 insertions(+), 62 deletions(-) diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix index 1590c81..c811d04 100755 --- a/modules/nixos/default.nix +++ b/modules/nixos/default.nix @@ -64,7 +64,7 @@ in searx vaultwarden website - # comfyui + comfyui prompter ; }; diff --git a/systems/ceres/config/comfyui.nix b/systems/ceres/config/comfyui.nix index b433ac8..01aefb0 100755 --- a/systems/ceres/config/comfyui.nix +++ b/systems/ceres/config/comfyui.nix @@ -1,70 +1,70 @@ { - # config, - # pkgs, - # flake, - # ... - # }: + config, + pkgs, + flake, + ... +}: - # let - # inherit (flake.config.services.instances) comfyui web; - # service = comfyui; - # localhost = web.localhost.address1; - # host = service.domains.url0; - # in - # { - # nixpkgs.overlays = [ - # flake.inputs.nix-comfyui.overlays.default - # ]; +let + inherit (flake.config.services.instances) comfyui web; + service = comfyui; + localhost = web.localhost.address1; + host = service.domains.url0; +in +{ + nixpkgs.overlays = [ + flake.inputs.nix-comfyui.overlays.default + ]; - # services = { - # comfyui = { - # enable = true; - # openFirewall = true; - # host = localhost; - # package = pkgs.comfyuiPackages.comfyui.override { - # extensions = with pkgs.comfyuiPackages.extensions; [ - # # acly-inpaint - # # acly-tooling - # # cubiq-ipadapter-plus - # # fannovel16-controlnet-aux - # ]; - # commandLineArgs = [ - # "--preview-method" - # "auto" - # ]; - # }; - # }; - # caddy = { - # virtualHosts = { - # "${host}" = { - # extraConfig = '' - # basicauth { - # {$CADDY_AUTH_USER} {$CADDY_AUTH_PASSWORD_HASH} - # } + services = { + comfyui = { + enable = true; + openFirewall = true; + host = localhost; + package = pkgs.comfyuiPackages.comfyui.override { + extensions = with pkgs.comfyuiPackages.extensions; [ + # acly-inpaint + # acly-tooling + # cubiq-ipadapter-plus + # fannovel16-controlnet-aux + ]; + commandLineArgs = [ + "--preview-method" + "auto" + ]; + }; + }; + caddy = { + virtualHosts = { + "${host}" = { + extraConfig = '' + basicauth { + {$CADDY_AUTH_USER} {$CADDY_AUTH_PASSWORD_HASH} + } - # reverse_proxy ${localhost}:${toString service.ports.port0} + reverse_proxy ${localhost}:${toString service.ports.port0} - # tls ${service.ssl.cert} ${service.ssl.key} - # ''; - # }; - # }; - # }; - # }; + tls ${service.ssl.cert} ${service.ssl.key} + ''; + }; + }; + }; + }; - # systemd.tmpfiles.rules = [ - # "Z ${service.sops.path0} 755 caddy caddy -" - # ]; + systemd.tmpfiles.rules = [ + "Z ${service.sops.path0} 755 caddy caddy -" + ]; - # users.users.${service.name}.extraGroups = [ - # "users" - # "caddy" - # ]; + users.users.${service.name}.extraGroups = [ + "users" + "caddy" + ]; - # networking = { - # firewall = { - # allowedTCPPorts = [ - # service.ports.port0 - # ]; - # }; - # }; + networking = { + firewall = { + allowedTCPPorts = [ + service.ports.port0 + ]; + }; + }; } From 47e9f98b3ebc78992dcc5a88072e53ddcfd6ee3b Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 27 Jul 2025 21:53:20 -0500 Subject: [PATCH 21/23] feat: comfyui-test --- modules/nixos/default.nix | 2 +- systems/ceres/config/comfyui.nix | 122 +++++++++++++++---------------- 2 files changed, 62 insertions(+), 62 deletions(-) diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix index c811d04..1590c81 100755 --- a/modules/nixos/default.nix +++ b/modules/nixos/default.nix @@ -64,7 +64,7 @@ in searx vaultwarden website - comfyui + # comfyui prompter ; }; diff --git a/systems/ceres/config/comfyui.nix b/systems/ceres/config/comfyui.nix index 01aefb0..b433ac8 100755 --- a/systems/ceres/config/comfyui.nix +++ b/systems/ceres/config/comfyui.nix @@ -1,70 +1,70 @@ { - config, - pkgs, - flake, - ... -}: + # config, + # pkgs, + # flake, + # ... + # }: -let - inherit (flake.config.services.instances) comfyui web; - service = comfyui; - localhost = web.localhost.address1; - host = service.domains.url0; -in -{ - nixpkgs.overlays = [ - flake.inputs.nix-comfyui.overlays.default - ]; + # let + # inherit (flake.config.services.instances) comfyui web; + # service = comfyui; + # localhost = web.localhost.address1; + # host = service.domains.url0; + # in + # { + # nixpkgs.overlays = [ + # flake.inputs.nix-comfyui.overlays.default + # ]; - services = { - comfyui = { - enable = true; - openFirewall = true; - host = localhost; - package = pkgs.comfyuiPackages.comfyui.override { - extensions = with pkgs.comfyuiPackages.extensions; [ - # acly-inpaint - # acly-tooling - # cubiq-ipadapter-plus - # fannovel16-controlnet-aux - ]; - commandLineArgs = [ - "--preview-method" - "auto" - ]; - }; - }; - caddy = { - virtualHosts = { - "${host}" = { - extraConfig = '' - basicauth { - {$CADDY_AUTH_USER} {$CADDY_AUTH_PASSWORD_HASH} - } + # services = { + # comfyui = { + # enable = true; + # openFirewall = true; + # host = localhost; + # package = pkgs.comfyuiPackages.comfyui.override { + # extensions = with pkgs.comfyuiPackages.extensions; [ + # # acly-inpaint + # # acly-tooling + # # cubiq-ipadapter-plus + # # fannovel16-controlnet-aux + # ]; + # commandLineArgs = [ + # "--preview-method" + # "auto" + # ]; + # }; + # }; + # caddy = { + # virtualHosts = { + # "${host}" = { + # extraConfig = '' + # basicauth { + # {$CADDY_AUTH_USER} {$CADDY_AUTH_PASSWORD_HASH} + # } - reverse_proxy ${localhost}:${toString service.ports.port0} + # reverse_proxy ${localhost}:${toString service.ports.port0} - tls ${service.ssl.cert} ${service.ssl.key} - ''; - }; - }; - }; - }; + # tls ${service.ssl.cert} ${service.ssl.key} + # ''; + # }; + # }; + # }; + # }; - systemd.tmpfiles.rules = [ - "Z ${service.sops.path0} 755 caddy caddy -" - ]; + # systemd.tmpfiles.rules = [ + # "Z ${service.sops.path0} 755 caddy caddy -" + # ]; - users.users.${service.name}.extraGroups = [ - "users" - "caddy" - ]; + # users.users.${service.name}.extraGroups = [ + # "users" + # "caddy" + # ]; - networking = { - firewall = { - allowedTCPPorts = [ - service.ports.port0 - ]; - }; - }; + # networking = { + # firewall = { + # allowedTCPPorts = [ + # service.ports.port0 + # ]; + # }; + # }; } From 8d1531b2f512b80317f21b3ded91c4dc7339da08 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 27 Jul 2025 21:53:49 -0500 Subject: [PATCH 22/23] feat: comfyui-test --- modules/nixos/default.nix | 2 +- systems/ceres/config/comfyui.nix | 122 +++++++++++++++---------------- 2 files changed, 62 insertions(+), 62 deletions(-) diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix index 1590c81..c811d04 100755 --- a/modules/nixos/default.nix +++ b/modules/nixos/default.nix @@ -64,7 +64,7 @@ in searx vaultwarden website - # comfyui + comfyui prompter ; }; diff --git a/systems/ceres/config/comfyui.nix b/systems/ceres/config/comfyui.nix index b433ac8..01aefb0 100755 --- a/systems/ceres/config/comfyui.nix +++ b/systems/ceres/config/comfyui.nix @@ -1,70 +1,70 @@ { - # config, - # pkgs, - # flake, - # ... - # }: + config, + pkgs, + flake, + ... +}: - # let - # inherit (flake.config.services.instances) comfyui web; - # service = comfyui; - # localhost = web.localhost.address1; - # host = service.domains.url0; - # in - # { - # nixpkgs.overlays = [ - # flake.inputs.nix-comfyui.overlays.default - # ]; +let + inherit (flake.config.services.instances) comfyui web; + service = comfyui; + localhost = web.localhost.address1; + host = service.domains.url0; +in +{ + nixpkgs.overlays = [ + flake.inputs.nix-comfyui.overlays.default + ]; - # services = { - # comfyui = { - # enable = true; - # openFirewall = true; - # host = localhost; - # package = pkgs.comfyuiPackages.comfyui.override { - # extensions = with pkgs.comfyuiPackages.extensions; [ - # # acly-inpaint - # # acly-tooling - # # cubiq-ipadapter-plus - # # fannovel16-controlnet-aux - # ]; - # commandLineArgs = [ - # "--preview-method" - # "auto" - # ]; - # }; - # }; - # caddy = { - # virtualHosts = { - # "${host}" = { - # extraConfig = '' - # basicauth { - # {$CADDY_AUTH_USER} {$CADDY_AUTH_PASSWORD_HASH} - # } + services = { + comfyui = { + enable = true; + openFirewall = true; + host = localhost; + package = pkgs.comfyuiPackages.comfyui.override { + extensions = with pkgs.comfyuiPackages.extensions; [ + # acly-inpaint + # acly-tooling + # cubiq-ipadapter-plus + # fannovel16-controlnet-aux + ]; + commandLineArgs = [ + "--preview-method" + "auto" + ]; + }; + }; + caddy = { + virtualHosts = { + "${host}" = { + extraConfig = '' + basicauth { + {$CADDY_AUTH_USER} {$CADDY_AUTH_PASSWORD_HASH} + } - # reverse_proxy ${localhost}:${toString service.ports.port0} + reverse_proxy ${localhost}:${toString service.ports.port0} - # tls ${service.ssl.cert} ${service.ssl.key} - # ''; - # }; - # }; - # }; - # }; + tls ${service.ssl.cert} ${service.ssl.key} + ''; + }; + }; + }; + }; - # systemd.tmpfiles.rules = [ - # "Z ${service.sops.path0} 755 caddy caddy -" - # ]; + systemd.tmpfiles.rules = [ + "Z ${service.sops.path0} 755 caddy caddy -" + ]; - # users.users.${service.name}.extraGroups = [ - # "users" - # "caddy" - # ]; + users.users.${service.name}.extraGroups = [ + "users" + "caddy" + ]; - # networking = { - # firewall = { - # allowedTCPPorts = [ - # service.ports.port0 - # ]; - # }; - # }; + networking = { + firewall = { + allowedTCPPorts = [ + service.ports.port0 + ]; + }; + }; } From c83ab72894f79fb8c3556bf2535785b1d12f8644 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 27 Jul 2025 21:55:31 -0500 Subject: [PATCH 23/23] feat: comfyui-test --- systems/ceres/config/comfyui.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/systems/ceres/config/comfyui.nix b/systems/ceres/config/comfyui.nix index 01aefb0..5354f71 100755 --- a/systems/ceres/config/comfyui.nix +++ b/systems/ceres/config/comfyui.nix @@ -23,10 +23,10 @@ in host = localhost; package = pkgs.comfyuiPackages.comfyui.override { extensions = with pkgs.comfyuiPackages.extensions; [ - # acly-inpaint - # acly-tooling - # cubiq-ipadapter-plus - # fannovel16-controlnet-aux + acly-inpaint + acly-tooling + cubiq-ipadapter-plus + fannovel16-controlnet-aux ]; commandLineArgs = [ "--preview-method"