Push latest build to prod

modules/system/cloudreve.nix

@@ -88,7 +88,7 @@ with lib;
 				"/var/run/secrets/cloudreve-env"
 			];
 			#extraOptions = ["--network=pasta:--map-gw"];
-			image = "cloudreve.azurecr.io/cloudreve/pro:4.10.1";
+			image = "cloudreve.azurecr.io/cloudreve/pro:4.15.0";
 			# I'd much rather be doing this, but it fails in inscrutible ways
 			#podman.user = "cloudreve";
 			ports = [ "127.0.0.1:10040:5212" ];

modules/system/default.nix

@@ -27,6 +27,7 @@
 		./sudo.nix
 		./switch-fix.nix
 		./synapse.nix
+		./taiga.nix
 		./tegola.nix
 		./timecardbot.nix
 		./tmux.nix

modules/system/taiga.nix

@@ -0,0 +1,60 @@
+{ config, configPath, lib, pkgs, ... }:
+
+{
+	options.myModules.taiga.enable = mkEnableOption "custom taiga configuration";
+
+	config = mkIf config.myModules.taiga.enable {
+		services.postgresql = {
+			ensureDatabases = [ "taiga" ];
+			ensureUsers = [{
+				ensureClauses.login = true;
+				ensureDBOwnership = true;
+				name = "taiga";
+			}];
+		};
+		# Define the container as a systemd service
+		virtualisation.oci-containers = {
+			backend = "docker"; # or "podman"
+			
+			containers = {
+				taiga-back = {
+					image = "taigaio/taiga-back:6.9.0";
+					
+					# Environment variables
+					environment = {
+						POSTGRES_HOST = "postgres";
+						POSTGRES_DB = "taiga";
+						TAIGA_SECRET_KEY = "your-secret-key-here";
+						TAIGA_SITES_DOMAIN = "taiga.example.com";
+					};
+					
+					# Port mappings
+					ports = [
+						"8000:8000"
+					];
+					
+					# Volumes
+					volumes = [
+						"/var/lib/taiga/media:/taiga-back/media"
+						"/var/lib/taiga/static:/taiga-back/static"
+					];
+					
+					# Auto-start on boot
+					autoStart = true;
+					
+					# Extra options
+					#extraOptions = [
+						#"--network=taiga-net"
+					#];
+				};
+			};
+		};
+
+		# Ensure the data directories exist
+		systemd.tmpfiles.rules = [
+			"d /var/lib/taiga 0755 root root -"
+			"d /var/lib/taiga/media 0755 root root -"
+			"d /var/lib/taiga/static 0755 root root -"
+		];
+	};
+}