config = lib.mkIf scfg.enable {
services.duplyBackup.profiles.syden_peertube = {
rootDir = dataDir;
+ remotes = ["eriomem" "ovh"];
};
users.users.peertube = {
uid = config.ids.uids.peertube;
users.groups.peertube.gid = config.ids.gids.peertube;
secrets.keys = [{
- dest = "webapps/syden-peertube";
+ dest = "websites/syden/peertube";
user = "peertube";
group = "peertube";
permissions = "0640";
port: ${toString env.listenPort}
webserver:
https: true
- hostname: 'syden.immae.eu'
+ hostname: 'record-links.immae.eu'
port: 443
database:
hostname: '${env.postgresql.socket}'
services.filesWatcher.syden_peertube = {
restart = true;
- paths = [ "/var/secrets/webapps/syden-peertube" ];
+ paths = [ config.secrets.fullPaths."websites/syden/peertube" ];
};
systemd.services.syden_peertube = {
script = ''
install -m 0750 -d ${dataDir}/config
- ln -sf /var/secrets/webapps/syden-peertube ${dataDir}/config/production.yaml
+ ln -sf ${config.secrets.fullPaths."websites/syden/peertube"} ${dataDir}/config/production.yaml
ln -sf ${package}/config/default.yaml ${dataDir}/config/default.yaml
exec npm run start
'';
};
services.websites.env.production.vhostConfs.syden_peertube = {
- certName = "eldiron";
- addToCerts = true;
- hosts = [ "syden.immae.eu" ];
- root = null;
- extraConfig = [ ''
+ certName = "syden";
+ addToCerts = true;
+ certMainHost = "record-links.immae.eu";
+ hosts = [ "record-links.immae.eu" ];
+ root = null;
+ extraConfig = [ ''
RewriteEngine On
RewriteCond %{REQUEST_URI} ^/socket.io [NC]
projects / perso / Immae / Config / Nix.git / blobdiff