Squash changes containing private information

[perso/Immae/Config/Nix.git] / systems / eldiron / gemini / default.nix

diff --git a/systems/eldiron/gemini/default.nix b/systems/eldiron/gemini/default.nix
new file mode 100644 (file)
index 0000000..600afbc
--- /dev/null
+++ b/systems/eldiron/gemini/default.nix
@@ -0,0 +1,50 @@
+{ lib, config, pkgs, ... }:
+let
+  configFile = pkgs.writeText "config.yaml" ''
+    listen: ":1965"
+    hosts:
+      immae.eu:
+        cert: /var/lib/acme/immae/full.pem
+        key: /var/lib/acme/immae/key.pem
+        paths:
+          - path: /
+            root: ${./public}
+  '';
+in
+{
+  options.myServices.gemini.enable = lib.mkEnableOption "enable Gemini capsule";
+  config = lib.mkIf config.myServices.gemini.enable {
+    security.acme.certs.immae.postRun = ''
+      systemctl restart gemini.service
+    '';
+    myServices.chatonsProperties.hostings.gemini = {
+      file.datetime = "2022-08-27T18:00:00";
+      hosting = {
+        name = "Hébergement Gemini";
+        description = "Hébergement de capsules Gemini";
+        type = "INSTANCE";
+        website = "gemini://immae.eu";
+        status.level = "OK";
+        status.description = "OK";
+        registration.load = "OPEN";
+        install.type = "PACKAGE";
+      };
+      software = {
+        name = "twins";
+        website = "https://code.rocketnine.space/tslocum/twins";
+        license.url = "https://code.rocketnine.space/tslocum/twins/src/branch/master/LICENSE";
+        license.name = "MIT License";
+        version = pkgs.twins.version;
+        source.url = "https://code.rocketnine.space/tslocum/twins";
+      };
+    };
+    networking.firewall.allowedTCPPorts = [ 1965 ];
+    systemd.services.gemini = {
+      description = "Gemini capsule server";
+      wantedBy = [ "multi-user.target" ];
+      after = [ "network.target" ];
+      serviceConfig.ExecStart = "${pkgs.twins}/bin/twins -config ${configFile}";
+      serviceConfig.Type = "simple";
+    };
+  };
+}