{ lib, config, pkgs, ... }:
-let
- configFile = pkgs.writeText "config.yaml" ''
- listen: ":1965"
- hosts:
- immae.eu:
- cert: /var/lib/acme/immae/full.pem
- key: /var/lib/acme/immae/key.pem
- paths:
- - path: /
- root: ${./public}
- '';
-in
{
options.myServices.gemini.enable = lib.mkEnableOption "enable Gemini capsule";
config = lib.mkIf config.myServices.gemini.enable {
- security.acme.certs.immae.postRun = ''
- systemctl restart gemini.service
- '';
myServices.chatonsProperties.hostings.gemini = {
file.datetime = "2022-08-27T18:00:00";
hosting = {
install.type = "PACKAGE";
};
software = {
- name = "twins";
- website = "https://code.rocketnine.space/tslocum/twins";
- license.url = "https://code.rocketnine.space/tslocum/twins/src/branch/master/LICENSE";
- license.name = "MIT License";
- version = pkgs.twins.version;
- source.url = "https://code.rocketnine.space/tslocum/twins";
+ name = "stargazer";
+ website = "https://git.sr.ht/~zethra/stargazer/";
+ license.url = "https://git.sr.ht/~zethra/stargazer/tree/main/LICENSE";
+ license.name = "GNU AFFERO GENERAL PUBLIC LICENSE Version 3";
+ version = pkgs.stargazer.version;
+ source.url = "https://git.sr.ht/~zethra/stargazer/";
};
};
networking.firewall.allowedTCPPorts = [ 1965 ];
- systemd.services.gemini = {
- description = "Gemini capsule server";
- wantedBy = [ "multi-user.target" ];
- after = [ "network.target" ];
- serviceConfig.ExecStart = "${pkgs.twins}/bin/twins -config ${configFile}";
- serviceConfig.Type = "simple";
+ security.acme.certs = {
+ "gemini" = {
+ group = "stargazer";
+ domain = "immae.eu";
+ keyType = "rsa4096";
+ postRun = ''
+ cp -a key.pem key_pkcs8.pem
+ sed -i -e "s/ RSA PRIVATE KEY/ PRIVATE KEY/" key_pkcs8.pem
+ systemctl restart stargazer.service
+ '';
+ extraDomainNames = [];
+ };
+ };
+ services.stargazer = {
+ enable = true;
+ ipLog = true;
+ requestTimeout = 0;
+ genCerts = false;
+ regenCerts = false;
};
};
}
projects / perso / Immae / Config / Nix.git / blobdiff