From 0d346e5ae69ba82e1d3fb7c403110605337685a5 Mon Sep 17 00:00:00 2001 From: Nico Date: Sun, 11 Jan 2026 21:59:44 +1100 Subject: [PATCH] karakeep: use native nix module --- flake.nix | 1 + modules/services/karakeep.nix | 21 +++++++-------------- 2 files changed, 8 insertions(+), 14 deletions(-) diff --git a/flake.nix b/flake.nix index e73f5f9..c4ff1e0 100644 --- a/flake.nix +++ b/flake.nix @@ -33,6 +33,7 @@ ./modules/services/caddy.nix ./modules/services/forgejo.nix ./modules/services/miniflux.nix + ./modules/services/karakeep.nix ./modules/services/media/arr.nix ./modules/services/media/jellyfin.nix ./modules/services/archiveteam-warrior.nix diff --git a/modules/services/karakeep.nix b/modules/services/karakeep.nix index fc31f35..6decca9 100644 --- a/modules/services/karakeep.nix +++ b/modules/services/karakeep.nix @@ -1,12 +1,10 @@ { config, ... }: { - virtualisation.oci-containers.containers.karakeep = { - image = "ghcr.io/karakeep-app/karakeep:release"; - volumes = [ "/var/lib/karakeep/data:/data" ]; - ports = [ "8023:3000" ]; - environment = { - DATA_DIR = "/data"; # dont change + services.karakeep = { + enable = true; + extraEnvironment = { + PORT = "8023"; OAUTH_WELLKNOWN_URL = "https://${config.homelab.authDomain}/oauth2/openid/karakeep/.well-known/openid-configuration"; OAUTH_PROVIDER_NAME = "${config.homelab.domain}"; @@ -16,14 +14,9 @@ OAUTH_ALLOW_DANGEROUS_EMAIL_ACCOUNT_LINKING = "true"; }; - environmentFiles = [ - # put the environment variable NEXTAUTH_SECRET in here - # with a randomly generated string. gen with `openssl rand -base64 36` - /var/lib/karakeep/nextauth-secret - - # https://pocket-id.org/docs/client-examples/hoarder - /var/lib/karakeep/oidc - ]; + # put OAUTH_CLIENT_SECRET and OAUTH_CLIENT_ID in file + # https://docs.karakeep.app/configuration/environment-variables#authentication--signup + environmentFile = "/var/lib/karakeep/oidc"; }; services.caddy.virtualHosts."karakeep.${config.homelab.domain}" = {