nix-configs/instances/nemesis/services/traccar.nix
Lucy Hochkamp 28dc0896b9
navidrome
2025-12-04 00:21:41 +01:00


{
pkgs,
lib,
config,
...
}:
{
# Publish the Traccar web UI through the project's Traefik helper.
# The backend is plain HTTP on a loopback address (the same 127.0.0.4 that
# `web.address` binds below), so TLS has to be terminated by the proxy.
# NOTE(review): port 8082 is not set anywhere in this file; presumably it is
# Traccar's default web port. Confirm it matches the running service.
xyno.services.traefik.simpleProxy.traccar.host = "track.66642.bot";
xyno.services.traefik.simpleProxy.traccar.internal = "http://127.0.0.4:8082";
# Kanidm groups that gate access to Traccar. Membership is nested: members of
# application_admins are traccar_admins, and traccar_admins are traccar_users.
# The service config below maps traccar_admins to `openid.adminGroup`, so
# membership in application_admins carries Traccar admin rights.
services.kanidm.provision.groups.traccar_users.members = [ "traccar_admins" ];
services.kanidm.provision.groups.traccar_admins.members = [ "application_admins" ];

# OAuth2 / OpenID Connect client registration for Traccar.
services.kanidm.provision.systems.oauth2.traccar = {
  displayName = "Traccar";
  imageFile = "${pkgs.traccar}/web/logo.svg";
  # Callback URL Traccar is redirected to after login, and the landing page.
  originUrl = "https://track.66642.bot/api/session/openid/callback";
  originLanding = "https://track.66642.bot/login";
  # public = true;
  # Only members of traccar_users are granted these scopes. "groups" is
  # included because the service config matches on group names.
  scopeMaps.traccar_users = [
    "openid"
    "profile"
    "email"
    "groups"
  ];
  # Turns off the PKCE requirement for this client; the option name itself
  # marks this as insecure. Without PKCE the authorization-code exchange is
  # protected only by the client secret and the redirect URL check.
  # NOTE(review): presumably set because Traccar's OpenID client does not send
  # a PKCE challenge. Confirm, and remove this once Traccar supports PKCE.
  allowInsecureClientDisablePkce = true;
};
# Environment file for Traccar, rendered by the project's Kanidm template
# helper. It holds the OAuth2 client secret and is passed to the service as
# `environmentFile` below.
# NOTE(review): the helper is defined outside this file. Confirm that it
# renders at runtime (not into the world-readable Nix store) and that the
# resulting file is readable only by the Traccar service user.
xyno.services.kanidm.templates.traccar = {
  wantedBy = [ "traccar.service" ];
  # DATABASE_URL carries no password: the JDBC driver connects through the
  # local PostgreSQL unix socket using junixsocket's AFUNIXSocketFactory.
  text = client: ''
    OPENID_CLIENT_ID=${client.clientId}
    OPENID_CLIENT_SECRET=${client.basicSecret}
    DATABASE_URL='jdbc:postgresql://localhost/traccar?socketFactory=org.newsclub.net.unix.AFUNIXSocketFactory$FactoryArg&socketFactoryArg=/run/postgresql/.s.PGSQL.5432'
  '';
};
# Override the start command from the services.traccar module so the
# junixsocket jars are on the classpath; the AFUNIXSocketFactory named in
# DATABASE_URL needs them. (forgive it for what it has done)
# The first two classpath entries are relative, so they resolve against the
# unit's working directory, which is not set in this file.
# NOTE(review): both jar file names use junixsocket-common's version. Confirm
# junixsocket-native-common is always built at the same version.
systemd.services.traccar.serviceConfig.ExecStart =
  let
    junixVersion = pkgs.junixsocket-common.version;
    classpath = lib.concatStringsSep ":" [
      "./tracker-server.jar"
      "./lib/*"
      "${pkgs.junixsocket-common}/share/java/junixsocket-common-${junixVersion}.jar"
      "${pkgs.junixsocket-native-common}/share/java/junixsocket-native-common-${junixVersion}.jar"
    ];
  in
  lib.mkForce "${pkgs.openjdk}/bin/java -cp '${classpath}' org.traccar.Main /var/lib/traccar/config.xml";
# Traccar service. The "$NAME" values are placeholders; the matching variables
# are defined in the environment file rendered by the Kanidm template above.
# NOTE(review): the substitution is done by the services.traccar module, not
# by this file. Confirm the secret never ends up in the Nix store copy of the
# configuration.
services.traccar = {
  enable = true;
  environmentFile = config.xyno.services.kanidm.templates.traccar.path;
  settings = {
    database = {
      driver = "org.postgresql.Driver";
      url = "$DATABASE_URL";
      user = "traccar";
    };
    # log mail content instead of sending email
    # NOTE(review): whatever Traccar would have mailed is then readable by
    # anyone with access to the service log. Confirm that is acceptable.
    mail.debug = "true";
    openid = {
      # Group names as issued by Kanidm. adminGroup members become Traccar
      # administrators and allowGroup members may log in (per option names).
      adminGroup = "traccar_admins@idm.xyno.systems";
      allowGroup = "traccar_users@idm.xyno.systems";
      clientId = "$OPENID_CLIENT_ID";
      clientSecret = "$OPENID_CLIENT_SECRET";
      # NOTE(review): presumably makes OpenID the only login path. Verify that
      # local password login is really unavailable.
      force = "true";
      issuerUrl = "https://idm.xyno.systems/oauth2/openid/traccar";
    };
    web = {
      # Bind to loopback only; external access goes through the Traefik
      # proxy entry for track.66642.bot.
      address = "127.0.0.4";
      url = "https://track.66642.bot";
    };
  };
};
# One-shot unit that enables the timescaledb extension in the traccar
# database. It runs as the postgres OS user, after PostgreSQL and its setup
# unit, and is pulled in as a hard requirement of traccar.service.
# NOTE(review): requiredBy adds a dependency but no ordering. Unless the
# traccar unit orders itself after this one elsewhere, both may start in
# parallel. Consider `before = [ "traccar.service" ];` if Traccar needs the
# extension at startup.
systemd.services.postgresql-install-timescale-in-traccar =
  let
    postgresUnits = [
      "postgresql.service"
      "postgresql-setup.service"
    ];
  in
  {
    requires = postgresUnits;
    after = postgresUnits;
    requiredBy = [ "traccar.service" ];
    path = [ config.services.postgresql.finalPackage ];
    environment.PGPORT = toString config.services.postgresql.settings.port;
    serviceConfig = {
      Type = "oneshot";
      RemainAfterExit = true;
      User = "postgres";
      Group = "postgres";
    };
    # IF NOT EXISTS keeps the statement safe to run on every start.
    script = ''
      psql -d traccar -tAc "CREATE EXTENSION IF NOT EXISTS timescaledb;"
    '';
  };
# PostgreSQL side of the Traccar deployment: preload timescaledb, and make
# sure the database and a role of the same name exist.
# No password is configured for the role. The service connects over the local
# unix socket (see DATABASE_URL).
# NOTE(review): presumably this relies on peer authentication. Confirm the
# pg_hba rules do not let other local users connect as "traccar".
services.postgresql = {
  settings.shared_preload_libraries = [ "timescaledb" ];
  ensureDatabases = [ "traccar" ];
  ensureUsers = [
    {
      name = "traccar";
      # Makes the traccar role the owner of the database of the same name.
      ensureDBOwnership = true;
    }
  ];
};
}