diff options
Diffstat (limited to 'modules/private/websites')
| -rw-r--r-- | modules/private/websites/default.nix | 1 | ||||
| -rw-r--r-- | modules/private/websites/tools/stats/default.nix | 52 |
2 files changed, 53 insertions, 0 deletions
diff --git a/modules/private/websites/default.nix b/modules/private/websites/default.nix index 07ffc3e..fa9ee8d 100644 --- a/modules/private/websites/default.nix +++ b/modules/private/websites/default.nix | |||
| @@ -317,6 +317,7 @@ in | |||
| 317 | tools.performance.enable = true; | 317 | tools.performance.enable = true; |
| 318 | tools.tools.enable = true; | 318 | tools.tools.enable = true; |
| 319 | tools.email.enable = true; | 319 | tools.email.enable = true; |
| 320 | tools.stats.enable = false; | ||
| 320 | 321 | ||
| 321 | games.codenames.enable = true; | 322 | games.codenames.enable = true; |
| 322 | games.terraforming-mars.enable = true; | 323 | games.terraforming-mars.enable = true; |
diff --git a/modules/private/websites/tools/stats/default.nix b/modules/private/websites/tools/stats/default.nix new file mode 100644 index 0000000..5f184bc --- /dev/null +++ b/modules/private/websites/tools/stats/default.nix | |||
| @@ -0,0 +1,52 @@ | |||
| 1 | { config, lib, pkgs, ... }: | ||
| 2 | let | ||
| 3 | cfg = config.myServices.websites.tools.stats; | ||
| 4 | myCfg = config.myEnv.tools.umami; | ||
| 5 | in | ||
| 6 | { | ||
| 7 | options.myServices.websites.tools.stats.enable = lib.mkEnableOption "Enable stats site"; | ||
| 8 | config = lib.mkIf cfg.enable { | ||
| 9 | secrets.keys = [ | ||
| 10 | { | ||
| 11 | dest = "umami/env"; | ||
| 12 | permission = "0400"; | ||
| 13 | text = '' | ||
| 14 | PORT=${toString myCfg.listenPort} | ||
| 15 | HOSTNAME=127.0.0.1 | ||
| 16 | DATABASE_URL=postgresql://${myCfg.postgresql.user}:${myCfg.postgresql.password}@localhost:${myCfg.postgresql.port}/${myCfg.postgresql.database}?sslmode=disable&host=${myCfg.postgresql.socket} | ||
| 17 | HASH_SALT=${myCfg.hashSalt} | ||
| 18 | ''; | ||
| 19 | } | ||
| 20 | ]; | ||
| 21 | |||
| 22 | services.websites.env.tools.vhostConfs.stats = { | ||
| 23 | certName = "eldiron"; | ||
| 24 | addToCerts = true; | ||
| 25 | hosts = [ "stats.immae.eu" ]; | ||
| 26 | root = null; | ||
| 27 | extraConfig = [ | ||
| 28 | '' | ||
| 29 | ProxyPass / http://localhost:${toString myCfg.listenPort}/ | ||
| 30 | ProxyPassReverse / http://localhost:${toString myCfg.listenPort}/ | ||
| 31 | ProxyPreserveHost On | ||
| 32 | '' | ||
| 33 | ]; | ||
| 34 | }; | ||
| 35 | systemd.services.umami = { | ||
| 36 | description = "Umami service"; | ||
| 37 | wantedBy = [ "multi-user.target" ]; | ||
| 38 | after = [ "network.target" ]; | ||
| 39 | wants = [ "postgresql.service" ]; | ||
| 40 | path = [ pkgs.nodejs pkgs.bashInteractive ]; | ||
| 41 | serviceConfig = { | ||
| 42 | Type = "simple"; | ||
| 43 | User = "umami"; | ||
| 44 | Group = "umami"; | ||
| 45 | DynamicUser = true; | ||
| 46 | SupplementaryGroups = [ "keys" ]; | ||
| 47 | ExecStart = "${pkgs.umami}/bin/umami"; | ||
| 48 | EnvironmentFile = config.secrets.fullPaths."umami/env"; | ||
| 49 | }; | ||
| 50 | }; | ||
| 51 | }; | ||
| 52 | } | ||