[perso/Immae/Config/Nix.git] / systems / eldiron / websites / commento / default.nix

{ lib, pkgs, config, ... }:
let
  cfg = config.myServices.websites.tools.commento;
  env = config.myEnv.tools.commento;
  webPort = "${host}:${port}";
  port = toString env.listenPort;
  host = "localhost";
  postgresql_url = "postgres://${env.postgresql.user}:${env.postgresql.password}@localhost:${env.postgresql.port}/${env.postgresql.database}?sslmode=disable";
in
{
  options.myServices.websites.tools.commento = {
    enable = lib.mkEnableOption "Enable commento website";
  };
  config = lib.mkIf cfg.enable {
    services.borgBackup.profiles.global.includedPaths = [
      "vhost/tools.immae.eu/commento"
    ];
    myServices.dns.zones."immae.eu".subdomains.commento =
      with config.myServices.dns.helpers; ips servers.eldiron.ips.main;

    myServices.chatonsProperties.services.commento = {
      file.datetime = "2022-08-21T01:11:00";
      service = {
        name = "Commento";
        description = "Commento is a fast, privacy-focused commenting platform";
        website = "https://commento.immae.eu";
        logo = "https://commento.immae.eu/images/logo.svg";
        status.level = "OK";
        status.description = "OK";
        registration."" = ["MEMBER" "CLIENT"];
        registration.load = "OPEN";
        install.type = "PACKAGE";
      };
      software = {
        name = "Commento";
        website = "https://www.commento.io/";
        license.url = "https://gitlab.com/commento/commento/-/blob/master/LICENSE";
        license.name = "MIT License";
        version = pkgs.commento.version;
        source.url = "https://gitlab.com/commento/commento";
      };
    };
    secrets.keys = {
      "commento/env" = {
        permissions = "0400";
        text = ''
          COMMENTO_ORIGIN=https://commento.immae.eu/
          COMMENTO_PORT=${port}
          COMMENTO_POSTGRES=${postgresql_url}
          COMMENTO_FORBID_NEW_OWNERS=true
          COMMENTO_BIND_ADDRESS=${host}
          COMMENTO_GZIP_STATIC=true
          COMMENTO_SMTP_HOST=${env.smtp.host}
          COMMENTO_SMTP_PORT=${env.smtp.port}
          COMMENTO_SMTP_USERNAME=${env.smtp.email}
          COMMENTO_SMTP_PASSWORD=${env.smtp.password}
          COMMENTO_SMTP_FROM_ADDRESS=${env.smtp.email}
        '';
      };
    };

    security.acme.certs.eldiron.extraDomainNames = [ "commento.immae.eu" ];
    services.websites.env.tools.vhostConfs.commento = {
      certName = "eldiron";
      hosts = [ "commento.immae.eu" ];
      root = null;
      extraConfig = [
        ''
          ProxyPass / http://${webPort}/
          ProxyPassReverse / http://${webPort}/
          ProxyPreserveHost On
        ''
      ];
    };
    systemd.services.commento = {
      description = "Commento";
      wantedBy = [ "multi-user.target" ];
      requires = ["postgresql.service"];
      after = ["network.target" "postgresql.service"];
      serviceConfig = {
        User = "wwwrun";
        ExecStart = "${pkgs.commento}/commento";
        EnvironmentFile = config.secrets.fullPaths."commento/env";
      };
    };
  };
}
Commit	Line	Data
6338573a IB	1	{ lib, pkgs, config, ... }:
	2	let
	3	cfg = config.myServices.websites.tools.commento;
	4	env = config.myEnv.tools.commento;
	5	webPort = "${host}:${port}";
	6	port = toString env.listenPort;
	7	host = "localhost";
	8	postgresql_url = "postgres://${env.postgresql.user}:${env.postgresql.password}@localhost:${env.postgresql.port}/${env.postgresql.database}?sslmode=disable";
	9	in
	10	{
	11	options.myServices.websites.tools.commento = {
	12	enable = lib.mkEnableOption "Enable commento website";
	13	};
	14	config = lib.mkIf cfg.enable {
1c90c0dd IB	15	services.borgBackup.profiles.global.includedPaths = [
	16	"vhost/tools.immae.eu/commento"
	17	];
1a64deeb IB	18	myServices.dns.zones."immae.eu".subdomains.commento =
	19	with config.myServices.dns.helpers; ips servers.eldiron.ips.main;
	20
	21	myServices.chatonsProperties.services.commento = {
	22	file.datetime = "2022-08-21T01:11:00";
	23	service = {
	24	name = "Commento";
	25	description = "Commento is a fast, privacy-focused commenting platform";
	26	website = "https://commento.immae.eu";
	27	logo = "https://commento.immae.eu/images/logo.svg";
	28	status.level = "OK";
	29	status.description = "OK";
	30	registration."" = ["MEMBER" "CLIENT"];
	31	registration.load = "OPEN";
	32	install.type = "PACKAGE";
	33	};
	34	software = {
	35	name = "Commento";
	36	website = "https://www.commento.io/";
	37	license.url = "https://gitlab.com/commento/commento/-/blob/master/LICENSE";
	38	license.name = "MIT License";
	39	version = pkgs.commento.version;
	40	source.url = "https://gitlab.com/commento/commento";
	41	};
	42	};
4c4652aa IB	43	secrets.keys = {
	44	"commento/env" = {
	45	permissions = "0400";
6338573a IB	46	text = ''
	47	COMMENTO_ORIGIN=https://commento.immae.eu/
	48	COMMENTO_PORT=${port}
	49	COMMENTO_POSTGRES=${postgresql_url}
	50	COMMENTO_FORBID_NEW_OWNERS=true
	51	COMMENTO_BIND_ADDRESS=${host}
	52	COMMENTO_GZIP_STATIC=true
	53	COMMENTO_SMTP_HOST=${env.smtp.host}
	54	COMMENTO_SMTP_PORT=${env.smtp.port}
	55	COMMENTO_SMTP_USERNAME=${env.smtp.email}
	56	COMMENTO_SMTP_PASSWORD=${env.smtp.password}
	57	COMMENTO_SMTP_FROM_ADDRESS=${env.smtp.email}
	58	'';
4c4652aa IB	59	};
4c4652aa IB	60	};
6338573a	61
1a64deeb	62	security.acme.certs.eldiron.extraDomainNames = [ "commento.immae.eu" ];
6338573a IB	63	services.websites.env.tools.vhostConfs.commento = {
6338573a IB	64	certName = "eldiron";
6338573a IB	65	hosts = [ "commento.immae.eu" ];
	66	root = null;
	67	extraConfig = [
	68	''
	69	ProxyPass / http://${webPort}/
	70	ProxyPassReverse / http://${webPort}/
	71	ProxyPreserveHost On
	72	''
	73	];
	74	};
	75	systemd.services.commento = {
	76	description = "Commento";
	77	wantedBy = [ "multi-user.target" ];
	78	requires = ["postgresql.service"];
	79	after = ["network.target" "postgresql.service"];
	80	serviceConfig = {
	81	User = "wwwrun";
	82	ExecStart = "${pkgs.commento}/commento";
	83	EnvironmentFile = config.secrets.fullPaths."commento/env";
	84	};
	85	};
	86	};
	87	}