diff options
Diffstat (limited to 'systems/eldiron/websites/commento/default.nix')
-rw-r--r-- | systems/eldiron/websites/commento/default.nix | 84 |
1 files changed, 84 insertions, 0 deletions
diff --git a/systems/eldiron/websites/commento/default.nix b/systems/eldiron/websites/commento/default.nix new file mode 100644 index 0000000..c5131b8 --- /dev/null +++ b/systems/eldiron/websites/commento/default.nix | |||
@@ -0,0 +1,84 @@ | |||
1 | { lib, pkgs, config, ... }: | ||
2 | let | ||
3 | cfg = config.myServices.websites.tools.commento; | ||
4 | env = config.myEnv.tools.commento; | ||
5 | webPort = "${host}:${port}"; | ||
6 | port = toString env.listenPort; | ||
7 | host = "localhost"; | ||
8 | postgresql_url = "postgres://${env.postgresql.user}:${env.postgresql.password}@localhost:${env.postgresql.port}/${env.postgresql.database}?sslmode=disable"; | ||
9 | in | ||
10 | { | ||
11 | options.myServices.websites.tools.commento = { | ||
12 | enable = lib.mkEnableOption "Enable commento website"; | ||
13 | }; | ||
14 | config = lib.mkIf cfg.enable { | ||
15 | myServices.dns.zones."immae.eu".subdomains.commento = | ||
16 | with config.myServices.dns.helpers; ips servers.eldiron.ips.main; | ||
17 | |||
18 | myServices.chatonsProperties.services.commento = { | ||
19 | file.datetime = "2022-08-21T01:11:00"; | ||
20 | service = { | ||
21 | name = "Commento"; | ||
22 | description = "Commento is a fast, privacy-focused commenting platform"; | ||
23 | website = "https://commento.immae.eu"; | ||
24 | logo = "https://commento.immae.eu/images/logo.svg"; | ||
25 | status.level = "OK"; | ||
26 | status.description = "OK"; | ||
27 | registration."" = ["MEMBER" "CLIENT"]; | ||
28 | registration.load = "OPEN"; | ||
29 | install.type = "PACKAGE"; | ||
30 | }; | ||
31 | software = { | ||
32 | name = "Commento"; | ||
33 | website = "https://www.commento.io/"; | ||
34 | license.url = "https://gitlab.com/commento/commento/-/blob/master/LICENSE"; | ||
35 | license.name = "MIT License"; | ||
36 | version = pkgs.commento.version; | ||
37 | source.url = "https://gitlab.com/commento/commento"; | ||
38 | }; | ||
39 | }; | ||
40 | secrets.keys = { | ||
41 | "commento/env" = { | ||
42 | permissions = "0400"; | ||
43 | text = '' | ||
44 | COMMENTO_ORIGIN=https://commento.immae.eu/ | ||
45 | COMMENTO_PORT=${port} | ||
46 | COMMENTO_POSTGRES=${postgresql_url} | ||
47 | COMMENTO_FORBID_NEW_OWNERS=true | ||
48 | COMMENTO_BIND_ADDRESS=${host} | ||
49 | COMMENTO_GZIP_STATIC=true | ||
50 | COMMENTO_SMTP_HOST=${env.smtp.host} | ||
51 | COMMENTO_SMTP_PORT=${env.smtp.port} | ||
52 | COMMENTO_SMTP_USERNAME=${env.smtp.email} | ||
53 | COMMENTO_SMTP_PASSWORD=${env.smtp.password} | ||
54 | COMMENTO_SMTP_FROM_ADDRESS=${env.smtp.email} | ||
55 | ''; | ||
56 | }; | ||
57 | }; | ||
58 | |||
59 | security.acme.certs.eldiron.extraDomainNames = [ "commento.immae.eu" ]; | ||
60 | services.websites.env.tools.vhostConfs.commento = { | ||
61 | certName = "eldiron"; | ||
62 | hosts = [ "commento.immae.eu" ]; | ||
63 | root = null; | ||
64 | extraConfig = [ | ||
65 | '' | ||
66 | ProxyPass / http://${webPort}/ | ||
67 | ProxyPassReverse / http://${webPort}/ | ||
68 | ProxyPreserveHost On | ||
69 | '' | ||
70 | ]; | ||
71 | }; | ||
72 | systemd.services.commento = { | ||
73 | description = "Commento"; | ||
74 | wantedBy = [ "multi-user.target" ]; | ||
75 | requires = ["postgresql.service"]; | ||
76 | after = ["network.target" "postgresql.service"]; | ||
77 | serviceConfig = { | ||
78 | User = "wwwrun"; | ||
79 | ExecStart = "${pkgs.commento}/commento"; | ||
80 | EnvironmentFile = config.secrets.fullPaths."commento/env"; | ||
81 | }; | ||
82 | }; | ||
83 | }; | ||
84 | } | ||