]>
Commit | Line | Data |
---|---|---|
a565d58b IB |
1 | { config, lib, pkgs, ... }: |
2 | let | |
3 | cfg = config.myServices.websites.tools.stats; | |
4 | myCfg = config.myEnv.tools.umami; | |
5 | in | |
6 | { | |
7 | options.myServices.websites.tools.stats.enable = lib.mkEnableOption "Enable stats site"; | |
8 | config = lib.mkIf cfg.enable { | |
4c4652aa IB |
9 | secrets.keys = { |
10 | "uami/env" = { | |
a565d58b IB |
11 | permission = "0400"; |
12 | text = '' | |
13 | PORT=${toString myCfg.listenPort} | |
14 | HOSTNAME=127.0.0.1 | |
15 | DATABASE_URL=postgresql://${myCfg.postgresql.user}:${myCfg.postgresql.password}@localhost:${myCfg.postgresql.port}/${myCfg.postgresql.database}?sslmode=disable&host=${myCfg.postgresql.socket} | |
16 | HASH_SALT=${myCfg.hashSalt} | |
17 | ''; | |
4c4652aa IB |
18 | }; |
19 | }; | |
a565d58b IB |
20 | |
21 | services.websites.env.tools.vhostConfs.stats = { | |
22 | certName = "eldiron"; | |
23 | addToCerts = true; | |
24 | hosts = [ "stats.immae.eu" ]; | |
25 | root = null; | |
26 | extraConfig = [ | |
27 | '' | |
28 | ProxyPass / http://localhost:${toString myCfg.listenPort}/ | |
29 | ProxyPassReverse / http://localhost:${toString myCfg.listenPort}/ | |
30 | ProxyPreserveHost On | |
31 | '' | |
32 | ]; | |
33 | }; | |
34 | systemd.services.umami = { | |
35 | description = "Umami service"; | |
36 | wantedBy = [ "multi-user.target" ]; | |
37 | after = [ "network.target" ]; | |
38 | wants = [ "postgresql.service" ]; | |
39 | path = [ pkgs.nodejs pkgs.bashInteractive ]; | |
40 | serviceConfig = { | |
41 | Type = "simple"; | |
42 | User = "umami"; | |
43 | Group = "umami"; | |
44 | DynamicUser = true; | |
45 | SupplementaryGroups = [ "keys" ]; | |
46 | ExecStart = "${pkgs.umami}/bin/umami"; | |
47 | EnvironmentFile = config.secrets.fullPaths."umami/env"; | |
48 | }; | |
49 | }; | |
50 | }; | |
51 | } |