ark/hosts/wolumonde/modules/blog.nix

50 lines
1.1 KiB
Nix
Raw Normal View History

2022-08-11 02:57:40 +03:00
{
2024-08-24 14:40:13 +03:00
config,
2022-08-11 02:57:40 +03:00
pkgs,
inputs,
...
2024-08-23 17:18:24 +03:00
}: let
PUBLIC_BASE_URL = "https://gaze.systems";
pkg = inputs.blog.packages.${pkgs.system}.default.overrideAttrs (old: {
inherit PUBLIC_BASE_URL;
2024-08-23 18:27:34 +03:00
GUESTBOOK_BASE_URL = "http://localhost:8080";
2024-08-23 17:18:24 +03:00
});
2024-08-23 18:27:34 +03:00
port = 3003;
2024-08-23 17:18:24 +03:00
in {
users.users.website = {
isSystemUser = true;
group = "website";
};
users.groups.website = {};
systemd.services.website = {
description = "website";
wantedBy = ["multi-user.target"];
after = ["network.target" "guestbook.service"];
2024-08-24 14:40:13 +03:00
environment = {
HOME = "/var/lib/website";
ORIGIN = PUBLIC_BASE_URL;
PORT = toString port;
};
2024-08-23 17:18:24 +03:00
serviceConfig = {
User = "website";
ExecStart = "${pkg}/bin/website";
Restart = "on-failure";
RestartSec = 5;
WorkingDirectory = "/var/lib/website";
2024-08-24 14:40:13 +03:00
EnvironmentFile = config.age.secrets.websiteConfig.path;
2024-08-23 17:18:24 +03:00
};
};
2022-08-11 02:57:40 +03:00
services.nginx.virtualHosts."gaze.systems" = {
2023-05-08 23:09:44 +03:00
useACMEHost = "gaze.systems";
2022-08-11 02:57:40 +03:00
forceSSL = true;
2024-08-23 17:18:24 +03:00
locations."/" = {
proxyPass = "http://localhost:${toString port}";
2024-09-22 01:55:17 +03:00
extraConfig = ''
add_header cache-control "no-store";
'';
2024-08-23 17:18:24 +03:00
};
2022-08-11 02:57:40 +03:00
};
}