aboutsummaryrefslogtreecommitdiff
path: root/systems/eldiron/websites/commento/default.nix
diff options
context:
space:
mode:
Diffstat (limited to 'systems/eldiron/websites/commento/default.nix')
-rw-r--r--systems/eldiron/websites/commento/default.nix84
1 files changed, 84 insertions, 0 deletions
diff --git a/systems/eldiron/websites/commento/default.nix b/systems/eldiron/websites/commento/default.nix
new file mode 100644
index 0000000..c5131b8
--- /dev/null
+++ b/systems/eldiron/websites/commento/default.nix
@@ -0,0 +1,84 @@
1{ lib, pkgs, config, ... }:
2let
3 cfg = config.myServices.websites.tools.commento;
4 env = config.myEnv.tools.commento;
5 webPort = "${host}:${port}";
6 port = toString env.listenPort;
7 host = "localhost";
8 postgresql_url = "postgres://${env.postgresql.user}:${env.postgresql.password}@localhost:${env.postgresql.port}/${env.postgresql.database}?sslmode=disable";
9in
10{
11 options.myServices.websites.tools.commento = {
12 enable = lib.mkEnableOption "Enable commento website";
13 };
14 config = lib.mkIf cfg.enable {
15 myServices.dns.zones."immae.eu".subdomains.commento =
16 with config.myServices.dns.helpers; ips servers.eldiron.ips.main;
17
18 myServices.chatonsProperties.services.commento = {
19 file.datetime = "2022-08-21T01:11:00";
20 service = {
21 name = "Commento";
22 description = "Commento is a fast, privacy-focused commenting platform";
23 website = "https://commento.immae.eu";
24 logo = "https://commento.immae.eu/images/logo.svg";
25 status.level = "OK";
26 status.description = "OK";
27 registration."" = ["MEMBER" "CLIENT"];
28 registration.load = "OPEN";
29 install.type = "PACKAGE";
30 };
31 software = {
32 name = "Commento";
33 website = "https://www.commento.io/";
34 license.url = "https://gitlab.com/commento/commento/-/blob/master/LICENSE";
35 license.name = "MIT License";
36 version = pkgs.commento.version;
37 source.url = "https://gitlab.com/commento/commento";
38 };
39 };
40 secrets.keys = {
41 "commento/env" = {
42 permissions = "0400";
43 text = ''
44 COMMENTO_ORIGIN=https://commento.immae.eu/
45 COMMENTO_PORT=${port}
46 COMMENTO_POSTGRES=${postgresql_url}
47 COMMENTO_FORBID_NEW_OWNERS=true
48 COMMENTO_BIND_ADDRESS=${host}
49 COMMENTO_GZIP_STATIC=true
50 COMMENTO_SMTP_HOST=${env.smtp.host}
51 COMMENTO_SMTP_PORT=${env.smtp.port}
52 COMMENTO_SMTP_USERNAME=${env.smtp.email}
53 COMMENTO_SMTP_PASSWORD=${env.smtp.password}
54 COMMENTO_SMTP_FROM_ADDRESS=${env.smtp.email}
55 '';
56 };
57 };
58
59 security.acme.certs.eldiron.extraDomainNames = [ "commento.immae.eu" ];
60 services.websites.env.tools.vhostConfs.commento = {
61 certName = "eldiron";
62 hosts = [ "commento.immae.eu" ];
63 root = null;
64 extraConfig = [
65 ''
66 ProxyPass / http://${webPort}/
67 ProxyPassReverse / http://${webPort}/
68 ProxyPreserveHost On
69 ''
70 ];
71 };
72 systemd.services.commento = {
73 description = "Commento";
74 wantedBy = [ "multi-user.target" ];
75 requires = ["postgresql.service"];
76 after = ["network.target" "postgresql.service"];
77 serviceConfig = {
78 User = "wwwrun";
79 ExecStart = "${pkgs.commento}/commento";
80 EnvironmentFile = config.secrets.fullPaths."commento/env";
81 };
82 };
83 };
84}