colonelpanic/dotfiles
1
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat(nixos): add org-agenda-api hosting with nginx + Let's Encrypt

Browse Source 
Add NixOS module to host org-agenda-api container on railbird-sf:
- org-agenda-api-host.nix: New module with nginx reverse proxy and ACME
- nginx configured for rbsf.tplinkdns.com with automatic TLS
- Container runs on port 51847 (random high port)
- Supports nix-built container images via imageFile option

Configure railbird-sf to use the new module:
- Build org-agenda-api container from flake
- Pass container to machine config via specialArgs
- Set up agenix secret for container environment

Note: Requires creating secrets file with AUTH_PASSWORD and
GIT_SSH_PRIVATE_KEY environment variables.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
Ivan Malison
2026-01-30 09:40:19 -08:00
parent 53afba8b40
commit e7a455ced9
5 changed files with 174 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
nixos/secrets/secrets.nix
View File

@@ -20,7 +20,7 @@ in
"discourse-admin-password.age".publicKeys = keys.hostKeys;
"discourse-secret-key-base.age".publicKeys = keys.hostKeys;
"vaultwarden-environment-file.age".publicKeys = keys.hostKeys;
"org-api-passwords.age".publicKeys = keys.hostKeys ++ keys.kanivanKeys;
"org-api-passwords.age".publicKeys = keys.hostKeys ++ keys.kanivanKeys ++ keys.railbird-sf;
"google-assistant-integration-service-key.age".publicKeys = keys.hostKeys ++ keys.kanivanKeys;
"zwave-js.json.age".publicKeys = keys.hostKeys ++ keys.kanivanKeys;
}