feat: add canvas mcp · dunkirk.sh/dots@cd2d457

dunkirk.sh / dots

fork atom

Kieran's opinionated (and probably slightly dumb) nix config

fork atom

feat: add canvas mcp

dunkirk.sh 3 weeks ago cd2d457c 8eff85a9

verified

+60

5 changed files

expand all

unified split

machines

terebithia

default.nix

modules

nixos

services

canvas-mcp.nix

secrets

canvas-mcp-dkim.age

canvas-mcp.age

secrets.nix

+19

machines/terebithia/default.nix

··· 156 156 owner = "herald"; 157 157 mode = "0400"; 158 158 }; 159 + canvas-mcp = { 160 + file = ../../secrets/canvas-mcp.age; 161 + owner = "canvas-mcp"; 162 + }; 163 + canvas-mcp-dkim = { 164 + file = ../../secrets/canvas-mcp-dkim.age; 165 + owner = "canvas-mcp"; 166 + mode = "0400"; 167 + }; 159 168 160 169 "restic/env".file = ../../secrets/restic/env.age; 161 170 "restic/repo".file = ../../secrets/restic/repo.age; ··· 527 536 }; 528 537 }; 529 538 secretsFile = config.age.secrets.herald.path; 539 + }; 540 + 541 + atelier.services.canvas-mcp = { 542 + enable = true; 543 + domain = "canvas.dunkirk.sh"; 544 + secretsFile = config.age.secrets.canvas-mcp.path; 545 + environment = { 546 + DKIM_PRIVATE_KEY_FILE = "${config.age.secrets.canvas-mcp-dkim.path}"; 547 + }; 548 + repository = "https://github.com/taciturnaxolotl/emojibot"; 530 549 }; 531 550 532 551 services.caddy.virtualHosts."terebithia.dunkirk.sh" = {

+35

modules/nixos/services/canvas-mcp.nix

··· 1 + # Canvas MCP - Model Context Protocol server for Canvas LMS 2 + # 3 + # Uses the mkService base to provide standardized: 4 + # - Systemd service with git deployment 5 + # - Caddy reverse proxy 6 + # - Automatic SQLite backup with WAL checkpoint 7 + 8 + let 9 + mkService = import ../../lib/mkService.nix; 10 + in 11 + 12 + mkService { 13 + name = "canvas-mcp"; 14 + description = "Canvas MCP server for Claude Desktop"; 15 + defaultPort = 3006; 16 + runtime = "bun"; 17 + entryPoint = "src/index.ts"; 18 + 19 + extraConfig = cfg: { 20 + # Set environment variables 21 + systemd.services.canvas-mcp.serviceConfig.Environment = [ 22 + "DATABASE_PATH=${cfg.dataDir}/data/canvas-mcp.db" 23 + "BASE_URL=https://${cfg.domain}" 24 + "PORT=${toString cfg.port}" 25 + ]; 26 + 27 + # Load secrets from agenix if configured 28 + systemd.services.canvas-mcp.serviceConfig.EnvironmentFile = cfg.secretsFile; 29 + 30 + # Data declarations for automatic backup 31 + atelier.services.canvas-mcp.data = { 32 + sqlite = "${cfg.dataDir}/data/canvas-mcp.db"; 33 + }; 34 + }; 35 + }

secrets/canvas-mcp-dkim.age

This is a binary file and will not be displayed.

secrets/canvas-mcp.age

This is a binary file and will not be displayed.

secrets/secrets.nix

··· 82 82 "herald-dkim.age".publicKeys = [ 83 83 kierank 84 84 ]; 85 + "canvas-mcp.age".publicKeys = [ 86 + kierank 87 + ]; 88 + "canvas-mcp-dkim.age".publicKeys = [ 89 + kierank 90 + ]; 85 91 }