2022-08-11 02:57:40 +03:00
|
|
|
{
|
2024-08-24 14:40:13 +03:00
|
|
|
config,
|
2022-08-11 02:57:40 +03:00
|
|
|
pkgs,
|
|
|
|
inputs,
|
|
|
|
...
|
2024-08-23 17:18:24 +03:00
|
|
|
}: let
|
|
|
|
PUBLIC_BASE_URL = "https://gaze.systems";
|
|
|
|
pkg = inputs.blog.packages.${pkgs.system}.default.overrideAttrs (old: {
|
|
|
|
inherit PUBLIC_BASE_URL;
|
2024-08-23 18:27:34 +03:00
|
|
|
GUESTBOOK_BASE_URL = "http://localhost:8080";
|
2024-08-23 17:18:24 +03:00
|
|
|
});
|
2024-08-23 18:27:34 +03:00
|
|
|
port = 3003;
|
2024-08-23 17:18:24 +03:00
|
|
|
in {
|
|
|
|
users.users.website = {
|
|
|
|
isSystemUser = true;
|
|
|
|
group = "website";
|
|
|
|
};
|
|
|
|
users.groups.website = {};
|
|
|
|
|
|
|
|
systemd.services.website = {
|
|
|
|
description = "website";
|
|
|
|
wantedBy = ["multi-user.target"];
|
|
|
|
after = ["network.target" "guestbook.service"];
|
2024-08-24 14:40:13 +03:00
|
|
|
environment = {
|
|
|
|
HOME = "/var/lib/website";
|
|
|
|
ORIGIN = PUBLIC_BASE_URL;
|
|
|
|
PORT = toString port;
|
|
|
|
};
|
2024-08-23 17:18:24 +03:00
|
|
|
serviceConfig = {
|
|
|
|
User = "website";
|
|
|
|
ExecStart = "${pkg}/bin/website";
|
|
|
|
Restart = "on-failure";
|
|
|
|
RestartSec = 5;
|
|
|
|
WorkingDirectory = "/var/lib/website";
|
2024-08-24 14:40:13 +03:00
|
|
|
EnvironmentFile = config.age.secrets.websiteConfig.path;
|
2024-08-23 17:18:24 +03:00
|
|
|
};
|
|
|
|
};
|
|
|
|
|
2022-08-11 02:57:40 +03:00
|
|
|
services.nginx.virtualHosts."gaze.systems" = {
|
2023-05-08 23:09:44 +03:00
|
|
|
useACMEHost = "gaze.systems";
|
2022-08-11 02:57:40 +03:00
|
|
|
forceSSL = true;
|
2024-08-23 17:18:24 +03:00
|
|
|
locations."/" = {
|
|
|
|
proxyPass = "http://localhost:${toString port}";
|
2024-09-22 01:55:17 +03:00
|
|
|
extraConfig = ''
|
|
|
|
add_header cache-control "no-store";
|
|
|
|
'';
|
2024-08-23 17:18:24 +03:00
|
|
|
};
|
2022-08-11 02:57:40 +03:00
|
|
|
};
|
|
|
|
}
|