--- /dev/null
+{ lib, config, pkgs, ... }:
+let
+ cfg = config.myServices.websites.denise.bingo;
+ varDir = "/var/lib/buildbot/outputs/denise/bingo";
+ varDirBeta = "/var/lib/buildbot/outputs/denise/bingo_beta";
+ socket = "/run/denise_bingo/socket.sock";
+ socket_beta = "/run/denise_bingo_beta/socket.sock";
+in {
+ options.myServices.websites.denise.bingo.enable = lib.mkEnableOption "enable Denise's bingo website";
+
+ config = lib.mkIf cfg.enable {
+ services.websites.env.production.vhostConfs.denise_bingo = {
+ certName = "denise";
+ addToCerts = true;
+ hosts = [ "bingo.syanni.eu" ];
+ root = null;
+ extraConfig = [
+ ''
+ ProxyPreserveHost on
+ ProxyVia On
+ ProxyRequests Off
+ ProxyPassMatch ^/.well-known/acme-challenge !
+ ProxyPass / unix://${socket}|http://bingo.syanni.eu/
+ ProxyPassReverse / unix://${socket}|http://bingo.syanni.eu/
+ ''
+ ];
+ };
+
+ systemd.services.denise-bingo = {
+ description = "Denise bingo website";
+ after = [ "network.target" ];
+ wantedBy = [ "multi-user.target" ];
+
+ serviceConfig = {
+ Type = "simple";
+ WorkingDirectory = varDir;
+ ExecStart = let
+ python = pkgs.python3.withPackages (p: [ p.gunicorn p.flask p.matplotlib p.unidecode ]);
+ in
+ "${python}/bin/gunicorn -w4 -p /run/denise_bingo/gunicorn.pid --bind unix:${socket} app:app";
+ User = "wwwrun";
+ Restart = "always";
+ RestartSec = "5s";
+ PIDFile = "/run/denise_bingo/gunicorn.pid";
+ RuntimeDirectory = "denise_bingo";
+ StandardOutput = "journal";
+ StandardError = "inherit";
+ };
+ };
+
+ security.sudo.extraRules = [
+ {
+ commands = [
+ { options = [ "NOPASSWD" ]; command = "${pkgs.systemd}/bin/systemctl restart denise-bingo-beta.service"; }
+ { options = [ "NOPASSWD" ]; command = "${pkgs.systemd}/bin/systemctl restart denise-bingo.service"; }
+ ];
+ users = ["buildbot"];
+ runAs = "root";
+ }
+ ];
+ services.websites.env.integration.vhostConfs.denise_bingo_beta = {
+ certName = "denise";
+ addToCerts = true;
+ hosts = [ "beta.bingo.syanni.eu" ];
+ root = null;
+ extraConfig = [
+ ''
+ ProxyPreserveHost on
+ ProxyVia On
+ ProxyRequests Off
+ ProxyPassMatch ^/.well-known/acme-challenge !
+ ProxyPass / unix://${socket_beta}|http://beta.bingo.syanni.eu/
+ ProxyPassReverse / unix://${socket_beta}|http://beta.bingo.syanni.eu/
+ ''
+ ];
+ };
+
+ systemd.services.denise-bingo-beta = {
+ description = "Denise bingo beta website";
+ after = [ "network.target" ];
+ wantedBy = [ "multi-user.target" ];
+
+ serviceConfig = {
+ Type = "simple";
+ WorkingDirectory = varDirBeta;
+ ExecStart = let
+ python = pkgs.python3.withPackages (p: [ p.gunicorn p.flask ]);
+ in
+ "${python}/bin/gunicorn -w4 -p /run/denise_bingo_beta/gunicorn.pid --bind unix:${socket_beta} app:app";
+ User = "wwwrun";
+ Restart = "always";
+ RestartSec = "5s";
+ PIDFile = "/run/denise_bingo_beta/gunicorn.pid";
+ RuntimeDirectory = "denise_bingo_beta";
+ StandardOutput = "journal";
+ StandardError = "inherit";
+ };
+ };
+ };
+}