2024-06-13 15:47:36 +02:00
|
|
|
{ config, ... }:
|
|
|
|
{
|
2024-06-13 16:00:38 +02:00
|
|
|
sops.secrets.guacamole_users.sopsFile = ../../secrets.yaml;
|
2024-06-13 16:53:06 +02:00
|
|
|
satellite.nginx.at.guacamole.port = config.satellite.ports.guacamole;
|
2024-06-13 15:47:36 +02:00
|
|
|
|
2024-06-13 17:10:37 +02:00
|
|
|
virtualisation.oci-containers.containers.guacamole = {
|
|
|
|
image = "flcontainers/guacamole";
|
2024-06-13 16:53:06 +02:00
|
|
|
ports = [ "${toString config.satellite.nginx.at.guacamole.port}:8080" ];
|
|
|
|
volumes = [
|
|
|
|
"/etc/localtime:/etc/localtime"
|
|
|
|
# "${config.sops.secrets.guacamole_users.path}:/etc/guacamole/user-mapping.xml"
|
|
|
|
"/var/lib/guacamole:/config"
|
|
|
|
];
|
2024-06-13 15:47:36 +02:00
|
|
|
|
2024-07-06 19:32:14 +02:00
|
|
|
environment.TZ = config.time.timeZone;
|
2024-06-13 15:47:36 +02:00
|
|
|
};
|
2024-06-13 15:50:52 +02:00
|
|
|
|
|
|
|
# Allow ssh-ing using the provided key
|
|
|
|
users.users.pilot.openssh.authorizedKeys.keyFiles = [ ./ed25519.pub ];
|
2024-06-13 15:47:36 +02:00
|
|
|
}
|