]>
Commit | Line | Data |
---|---|---|
6338573a IB |
1 | { lib, pkgs, config, ... }: |
2 | let | |
3 | cfg = config.myServices.websites.tools.commento; | |
4 | env = config.myEnv.tools.commento; | |
5 | webPort = "${host}:${port}"; | |
6 | port = toString env.listenPort; | |
7 | host = "localhost"; | |
8 | postgresql_url = "postgres://${env.postgresql.user}:${env.postgresql.password}@localhost:${env.postgresql.port}/${env.postgresql.database}?sslmode=disable"; | |
9 | in | |
10 | { | |
11 | options.myServices.websites.tools.commento = { | |
12 | enable = lib.mkEnableOption "Enable commento website"; | |
13 | }; | |
14 | config = lib.mkIf cfg.enable { | |
1c90c0dd IB |
15 | services.borgBackup.profiles.global.includedPaths = [ |
16 | "vhost/tools.immae.eu/commento" | |
17 | ]; | |
1a64deeb IB |
18 | myServices.dns.zones."immae.eu".subdomains.commento = |
19 | with config.myServices.dns.helpers; ips servers.eldiron.ips.main; | |
20 | ||
21 | myServices.chatonsProperties.services.commento = { | |
22 | file.datetime = "2022-08-21T01:11:00"; | |
23 | service = { | |
24 | name = "Commento"; | |
25 | description = "Commento is a fast, privacy-focused commenting platform"; | |
26 | website = "https://commento.immae.eu"; | |
27 | logo = "https://commento.immae.eu/images/logo.svg"; | |
28 | status.level = "OK"; | |
29 | status.description = "OK"; | |
30 | registration."" = ["MEMBER" "CLIENT"]; | |
31 | registration.load = "OPEN"; | |
32 | install.type = "PACKAGE"; | |
33 | }; | |
34 | software = { | |
35 | name = "Commento"; | |
36 | website = "https://www.commento.io/"; | |
37 | license.url = "https://gitlab.com/commento/commento/-/blob/master/LICENSE"; | |
38 | license.name = "MIT License"; | |
39 | version = pkgs.commento.version; | |
40 | source.url = "https://gitlab.com/commento/commento"; | |
41 | }; | |
42 | }; | |
4c4652aa IB |
43 | secrets.keys = { |
44 | "commento/env" = { | |
45 | permissions = "0400"; | |
6338573a IB |
46 | text = '' |
47 | COMMENTO_ORIGIN=https://commento.immae.eu/ | |
48 | COMMENTO_PORT=${port} | |
49 | COMMENTO_POSTGRES=${postgresql_url} | |
50 | COMMENTO_FORBID_NEW_OWNERS=true | |
51 | COMMENTO_BIND_ADDRESS=${host} | |
52 | COMMENTO_GZIP_STATIC=true | |
53 | COMMENTO_SMTP_HOST=${env.smtp.host} | |
54 | COMMENTO_SMTP_PORT=${env.smtp.port} | |
55 | COMMENTO_SMTP_USERNAME=${env.smtp.email} | |
56 | COMMENTO_SMTP_PASSWORD=${env.smtp.password} | |
57 | COMMENTO_SMTP_FROM_ADDRESS=${env.smtp.email} | |
58 | ''; | |
4c4652aa IB |
59 | }; |
60 | }; | |
6338573a | 61 | |
1a64deeb | 62 | security.acme.certs.eldiron.extraDomainNames = [ "commento.immae.eu" ]; |
6338573a IB |
63 | services.websites.env.tools.vhostConfs.commento = { |
64 | certName = "eldiron"; | |
6338573a IB |
65 | hosts = [ "commento.immae.eu" ]; |
66 | root = null; | |
67 | extraConfig = [ | |
68 | '' | |
69 | ProxyPass / http://${webPort}/ | |
70 | ProxyPassReverse / http://${webPort}/ | |
71 | ProxyPreserveHost On | |
72 | '' | |
73 | ]; | |
74 | }; | |
75 | systemd.services.commento = { | |
76 | description = "Commento"; | |
77 | wantedBy = [ "multi-user.target" ]; | |
78 | requires = ["postgresql.service"]; | |
79 | after = ["network.target" "postgresql.service"]; | |
80 | serviceConfig = { | |
81 | User = "wwwrun"; | |
82 | ExecStart = "${pkgs.commento}/commento"; | |
83 | EnvironmentFile = config.secrets.fullPaths."commento/env"; | |
84 | }; | |
85 | }; | |
86 | }; | |
87 | } |