{ config, flake, ... }: let inherit (flake.config.people) user0; inherit (flake.config.services.instances) glance web; inherit (flake.config.machines.devices) ceres; service = glance; in { services = { glance = { enable = true; settings = { server = { # assets-path = "/home/${user0}/Files/Projects/dotfiles/modules/nixos/services/glance/assets"; port = service.ports.port0; }; # auth = { # secret-key = config.sops.secrets."${service.name}-key".path; # users.${user0}.password = config.sops.secrets."${service.name}-${user0}-pass".path; # }; branding = { hide-footer = true; # logo-url = /assets/logo.png; # favicon-url = /assets/logo.png; # app-name = "My Dashboard"; # app-icon-url = "/assets/app-icon.png"; # app-background-color = "#151519"; }; theme = { background-color = "232 23 18"; contrast-multiplier = 1.2; primary-color = "220 83 75"; positive-color = "105 48 72"; negative-color = "351 74 73"; }; pages = [ { columns = [ { size = "full"; widgets = [ { type = "rss"; title = "Podcasts"; style = "detailed-list"; collapse-after = 6; feeds = [ { url = "https://sigmanutrition.libsyn.com/rss/"; title = "Sigma Nutrition Radio"; } { url = "https://wakingup.libsyn.com/rss"; title = "Making Sense with Sam Harris"; } { url = "https://feeds.simplecast.com/uNKL_XD_"; title = "Docs Who Lift"; } ]; } ]; } { size = "small"; widgets = [ { type = "calendar"; title = "Calendar"; style = "vertical-cards"; } { type = "weather"; title = "Weather"; units = "metric"; hour-format = "12h"; location = "Winnipeg, Manitoba, Canada"; } { type = "clock"; hour-format = "12h"; timezones = [ { timezone = "America/Winnipeg"; label = "Winnipeg, MB"; } { timezone = "Europe/Berlin"; label = "Berlin, DE"; } { timezone = "Asia/Kolkata"; label = "Kolkata, IN"; } { timezone = "Asia/Tokyo"; label = "Tokyo, JP"; } ]; } ]; } ]; name = "Dashboard"; } ]; }; }; # sops = # let # sopsPath = secret: { # path = "${service.sops.path0}/${service.name}-${secret}"; # owner = service.name; # mode = "600"; # }; # in # { # secrets = builtins.listToAttrs ( # map # (secret: { # name = "${service.name}-${secret}"; # value = sopsPath secret; # }) # [ # "key" # "${user0}-pass" # ] # ); # }; # fileSystems."/var/lib/${service.name}" = { # device = service.paths.path0; # fsType = "none"; # options = [ # "bind" # ]; # depends = [ # ceres.storage0.mount # ]; # }; # systemd.tmpfiles.rules = [ # "Z ${service.paths.path0} 755 ${service.name} ${service.name} -" # "Z ${service.sops.path0} 755 ${service.name} ${service.name} -" # ]; }; networking = { firewall = { allowedTCPPorts = [ service.ports.port0 ]; }; }; }