From 79e3156bb3b56de2bb4ed9bc80610aa0f4ca02e9 Mon Sep 17 00:00:00 2001 From: Lucien Cartier-Tilet Date: Sat, 7 Mar 2026 18:42:32 +0100 Subject: [PATCH] feat(copyparty): create copyparty service for elcafe --- flake.lock | 39 +++++++++++++++++++++++++++++++++- flake.nix | 14 ++++++++---- hosts/elcafe/configuration.nix | 15 +++++++++++++ hosts/elcafe/copyparty.nix | 23 ++++++++++++++++++++ packages/inkdrop.nix | 6 +++--- secrets/secrets.yaml | 8 +++++-- 6 files changed, 95 insertions(+), 10 deletions(-) create mode 100644 hosts/elcafe/copyparty.nix diff --git a/flake.lock b/flake.lock index d930d38..76c90fd 100644 --- a/flake.lock +++ b/flake.lock @@ -79,6 +79,27 @@ "type": "github" } }, + "copyparty": { + "inputs": { + "flake-utils": "flake-utils", + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1772839279, + "narHash": "sha256-pAI7T/9Gl6SUTKmNZhtxYjBGnYPNzBLMgfqILfYa1Us=", + "owner": "9001", + "repo": "copyparty", + "rev": "31b23843f2d51049da00c821f2418d0c44389cd7", + "type": "github" + }, + "original": { + "owner": "9001", + "repo": "copyparty", + "type": "github" + } + }, "devenv": { "inputs": { "cachix": "cachix", @@ -158,6 +179,21 @@ } }, "flake-utils": { + "locked": { + "lastModified": 1678901627, + "narHash": "sha256-U02riOqrKKzwjsxc/400XnElV+UtPUQWpANPlyazjH0=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "93a2b84fc4b70d9e089d029deacc3583435c2ed6", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_2": { "inputs": { "systems": "systems" }, @@ -348,7 +384,7 @@ }, "pumo-system-info": { "inputs": { - "flake-utils": "flake-utils", + "flake-utils": "flake-utils_2", "nixpkgs": [ "nixpkgs" ], @@ -392,6 +428,7 @@ "root": { "inputs": { "caelestia-shell": "caelestia-shell", + "copyparty": "copyparty", "devenv": "devenv", "home-manager": "home-manager", "nix-index-database": "nix-index-database", diff --git a/flake.nix b/flake.nix index 3f70177..d1eb3ee 100644 --- a/flake.nix +++ b/flake.nix @@ -19,13 +19,18 @@ inputs.nixpkgs.follows = "nixpkgs"; }; - pumo-system-info = { - url = "git+https://labs.phundrak.com/phundrak/pumo-system-info"; + caelestia-shell = { + url = "github:caelestia-dots/shell"; inputs.nixpkgs.follows = "nixpkgs"; }; - caelestia-shell = { - url = "github:caelestia-dots/shell"; + copyparty = { + url = "github:9001/copyparty"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + + pumo-system-info = { + url = "git+https://labs.phundrak.com/phundrak/pumo-system-info"; inputs.nixpkgs.follows = "nixpkgs"; }; @@ -138,6 +143,7 @@ specialArgs = {inherit inputs outputs;}; defaultSystemModules = [ inputs.sops-nix.nixosModules.sops + inputs.copyparty.nixosModules.default ]; withSystemModules = modules: nixpkgs.lib.lists.flatten (defaultSystemModules ++ [modules]); in { diff --git a/hosts/elcafe/configuration.nix b/hosts/elcafe/configuration.nix index 329b548..b5c0278 100644 --- a/hosts/elcafe/configuration.nix +++ b/hosts/elcafe/configuration.nix @@ -12,6 +12,14 @@ sops.secrets = { "elcafe/traefik/env".restartUnits = ["traefik.service"]; "elcafe/traefik/dynamic".restartUnits = ["traefik.service"]; + "elcafe/copyparty/passwords/creug" = { + restartUnits = ["copyparty.service"]; + owner = "creug"; + }; + "elcafe/copyparty/passwords/phundrak" = { + restartUnits = ["copyparty.service"]; + owner = "phundrak"; + }; }; mySystem = { @@ -65,6 +73,13 @@ }; }; + services.copyparty = import ./copyparty.nix { + passwordFiles = { + creug = config.sops.secrets."elcafe/copyparty/passwords/creug".path; + phundrak = config.sops.secrets."elcafe/copyparty/passwords/phundrak".path; + }; + }; + # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It's perfectly fine and recommended to leave diff --git a/hosts/elcafe/copyparty.nix b/hosts/elcafe/copyparty.nix new file mode 100644 index 0000000..19a16e2 --- /dev/null +++ b/hosts/elcafe/copyparty.nix @@ -0,0 +1,23 @@ +{passwordFiles}: { + enable = true; + user = "creug"; + group = "users"; + accounts = { + creug.passwordFile = passwordFiles.creug; + phundrak.passwordFile = passwordFiles.phundrak; + }; + volumes = { + "/plex" = { + path = "/plex"; + access.rwmd = ["creug" "phundrak"]; + flags = { + e2dsa = true; + e2ts = true; + xdev = true; + xvol = true; + dedup = true; + nohash = "\\.iso$"; + }; + }; + }; +} diff --git a/packages/inkdrop.nix b/packages/inkdrop.nix index 8511bc0..9441b5a 100644 --- a/packages/inkdrop.nix +++ b/packages/inkdrop.nix @@ -99,7 +99,7 @@ stdenv.mkDerivation rec { dontConfigure = true; # Ignore musl dependency since we're using glibc - autoPatchelfIgnoreMissingDeps = [ "libc.musl-x86_64.so.1" ]; + autoPatchelfIgnoreMissingDeps = ["libc.musl-x86_64.so.1"]; unpackPhase = '' runHook preUnpack @@ -142,8 +142,8 @@ stdenv.mkDerivation rec { description = "Notebook app for Markdown lovers"; homepage = "https://www.inkdrop.app/"; license = licenses.unfree; - maintainers = [ ]; - platforms = [ "x86_64-linux" ]; + maintainers = []; + platforms = ["x86_64-linux"]; mainProgram = "inkdrop"; }; } diff --git a/secrets/secrets.yaml b/secrets/secrets.yaml index 818e17c..fa11fbf 100644 --- a/secrets/secrets.yaml +++ b/secrets/secrets.yaml @@ -1,4 +1,8 @@ elcafe: + copyparty: + passwords: + creug: ENC[AES256_GCM,data:bWiDsIB9xbCC8N3VNzoXQ/ciyh5LyX5gaH5HrCR1n18=,iv:UOUUs/dXMQ4gF5x1UZuSs/DZh14OErWq1EJjv1B5+No=,tag:gMrL7RlaIegw+gXE4Du0KQ==,type:str] + phundrak: ENC[AES256_GCM,data:0kdrtlw2KeF4ZGqhejdnf1j59Lm5Gchh+wka2lOf8jU=,iv:4XG7M6oqRL0ZQiWMBe4oQ+mHjONkvuIXGa6m2Zqfd/A=,tag:A54LlE+7W2wXYn3HfCfBDw==,type:str] traefik: env: ENC[AES256_GCM,data:HUdWGYoEPp2v8dnDuVsl7YmPxuBfHmXzGrvKWeiqPlmAwMqVZrZ1j8on/7QKvYDJoTJ40XY2qNynSA==,iv:Vgc/fZERnNp7hSMeRd9EgB3IenKAFTAhwC0bk8CX4DE=,tag:SdfhOST/o29Lt1zRdXXRyQ==,type:str] dynamic: ENC[AES256_GCM,data:BKsjTfqpZhrocHOUfxjCNS61DVb1oSdPW99IrwmNjpFcs68WvyfD0+QZ9F362L88CQDTnDSXWAbc7mcBtxhqfhkjtsdxkhtLHMGG0WxlnYungTnROh9EDJRLNyjy/RCYWOIVOXIEUE5lLwnQkboZLEiruw1Ri+r27WYmGpD5DaR4XWDankb6BQPJA6f2ziPyynjNYZaRhMIQUDFLM3QRAXPYD00eaYIQtx253z8Uocz4LpOw2JReAQkI2zc+6Oe1O4fP/Cg8klF0owR6NkNUWoIUVwLqFmU7Yr45VO+T/f96Ev0hlDaMklxYJGNOS8kRbSqpaiuMCmL2mQ6rsZGFVfdMdImSL2j51lrPFJCsg/hNGXHAxQ0/OpHtcZz/cwn5nSHBXg6gX21kOpkWGY1+BRA15X0k5sUqXkZWjkP9wkSCV6pQTbr8a3GrX2VvGwguAC4EpTCkCobXw/d9a7bMfZFeJqFhwjpU/dfBi6OjF7bniOQ7k3+5RZRDqAxJiPaBk7NKVN1FzUCvFBjKifbfICOJaPJr1CmayNuBZtsSlj0MXBYx8D8oShzhsCo/+pyni4poMYyfNC9jQKWCBsjKEa6eWb1+TfOHv4W+lSlBFg3vGm4NDxCPnACKWlhKB4WoJGRHqnp809XF2fqP4lZN8S7+sB2rhNlr2CICk9oM80FNmW/8TTtIgbpfEeFeJwNTM+S95cFSqaIRg3kfcqB/bHG37BYthcL1SC85/lxhL2LJ/O0qXxbioyxVAaBIumAO8BB1qrdbOozHZZAU1IIKylDWMWUoJMyMdhMGnOxxxWcbV2jPUXUv03DYNp3G/5F2Hlr+h0bPIJEFZ2kb14wTK+25MsgfBgky26f8qjNwROqKA+bPeB2yUKSSCJb//PzzE4xyqu1mq2/1zTal0eSRTCEnAUCj0wDqCLBMO6GnL0PS4PtGJ9n/IbOjFXZeixWGJzUTcmxPAmsClH6FV8brEMVs5bfrjLieXQvcn0b8b9/1W2jV4dJGUE1TxUQ2B92VG7PrA39O/FO8tQJZrAMXO9iMv495w0Nxbt0HYN6wsFTUwlQ+3DCXxgmmVBqVSf1OtHuhxcznl1oR+sgPSgBRLVB22mv5677ErQGCWp1luyPSF6xvhIaKe9BDwxBwJ+RsqSn4w5t1qJM9uYqFunSJPY5439B4zWG+lUy1ZDNn1oHUaX3hZUhzc9tEm+0CWFNXxH2hiRFb2nYP6Pv/GNqjZCsflY0YYty0UJBqRELGpUO3Sd+zbyJmWtvDjto726/0jHB/jb0RVThUem0PzWmmIUth0ucKp0M7zqEWNyVPbvWOK6rWQW9eaW87bFeMhrD1PC+U0ilq9DKG1J3ldc0lEBrguc4fk72T3I62pw5KdGnsmB+FjAc8kdTFKhM52ylChsAnJGFu0LyBUgjGIzZ03XkO8RbYs/wzc9VQOvyikvB67wImXMu8PJDzMxXnu58y7C4U86kvLdUfYm5bz+MxZmXsDA1L7C4si6oLf7rOCfLLc4A1a/X/aMSk330SARW/UAZ/NaFDXhotYXZUSbr41Z6b0qRPZjjZfOkdeKxTp+r07+8oJpPOaIaaOIlNRkGyRCnbCGvJ4CuUfTQuywIefBHlawGzhsDvOKorWYTuim7MbJcd19bYMG6k8qqTQlNeHjZJaDLKJ/rnSAIGDSNYRP4uUUo0gqSp82E9bXUUn5VuFSPcJ55uvFXZD0f6tLZGIyUuG5tqw3xNQF2cA+4ZXzbxi6VIZQ+ahZELkoBR+dVXQ0yGkDJusNf61A1lfI2bd7JQnJ7YVhbF1gXNnDXdWO0F8zsnZyhSSJY3ZoXLdYn+v39+AxQvE3mpX7zNsk7+0WUHuqAh6JG6OBt7jF5OVwD3bfuQfDhPlfD7YOU5/C+rekDGXmfZOMXxadvQgWFcpHdgbV7NwKqdgj6pJDVoGO8/4HGtlb94/o6dtXzfheSLUhCUZ2Im81yduu8386fCYLHX/ZsP+CuuC2wlXQaSCgoODRXXDz7jsRcQNfW2ohmFT9iDn95NI5ylCgt49t2Cr06ft7Pd0tWjh69VQ8TjNlfqm3Sxlf/Gb9ihwOOytmbDv4bNKhpRIPC0jIZv3aaA7vgdLCbySVeMo1tfMx3Xvf6q8XqlsQ/HgwBxAMmjakIAukNwtU74oJ2AYpIO/Oc47081JR2sVtGWer6l7C8KMy9O0xYtABsofkc9kHQWtAvn82sSQTuI/UgD5ttfdfVZZaanHek3vgJyTYI3sPQDVJ6SXrC0a+fqMlTL7Jux/0B70gK1z46j5C54IBCChNa4CwXhvxofyoDgyF6DVC2qZxoKXGl1veQKJh68q9hCiDlYEpiwuRCs3j6uSUG4Rssc9TKfdY3AQltVrhykEORVEgZe1HWmlms=,iv:3G3geSZRziwGiKcUMVNZ7j5s/4YA6Uk7wCSb4aFNSMo=,tag:FxARskR9+wdV7/xCKP8UdA==,type:str] @@ -101,7 +105,7 @@ sops: dUpXZis2N2VyN0ZFbjlPRXdwRFQ1aHMKm1Mk6MPKxFmwdATCYUANRSY5rHKgmQer LBlqqWKt1JiIUAYtazQeQ6KYxmjVlQPY7AZw2t+EhBEPrqbTL3vOiw== -----END AGE ENCRYPTED FILE----- - lastmodified: "2026-02-08T14:11:39Z" - mac: ENC[AES256_GCM,data:fRnv6X2PTwbkde0SJHXegU0QiixfjZlfvje/tfgotfLLmnwDsB0Pxl0tw4DkCcQ3GZKDbxC5WR4g+Jz1B/D79WYo8jEKsf7OCBgyw3HhPhsg7lgJ9Qa/NVR1PfwZBn6u5/nj1kuLgQe9ZSV/UmUIu5I1LEY8IGVoJOEJkr/ZVRg=,iv:E4qRUs/u8T3VpyJxGyqifmTQaf/+bG7uN6sbbb2cwQY=,tag:+bQhdMlw7hGcvINQJTP8lw==,type:str] + lastmodified: "2026-03-07T17:19:05Z" + mac: ENC[AES256_GCM,data:hT4mPKLcIuAFmllJBYFXL5sGyMn95mYEv+eGVA+KQYm629YKSncgvn5g8elau/8HXR1O/bwQlkGmGr8VPeR/0KRb6TPCA4MrCwox38fy3ZLx2e0movVi/xIgKXIo5wYUq4Qm/pSo715limxGChxUxKtdEK/lmMkSnxyGmlkQtwM=,iv:XoOfhdK/CK6shUXhH4h14gtyqZqcqmTV6/R2jkynFr8=,tag:q3V0xcWQxjFi2drk5fLJoQ==,type:str] unencrypted_suffix: _unencrypted version: 3.11.0