nixos-config/config/services/chir-rs.nix

31 lines
824 B
Nix

{pkgs, ...}: {
systemd.services.chirrs = {
enable = true;
description = "chir.rs";
script = "${pkgs.chir-rs}/chir-rs-server";
serviceConfig = {
WorkingDirectory = pkgs.chir-rs;
EnvironmentFile = "/run/secrets/services/chir.rs";
};
wantedBy = ["multi-user.target"];
};
services.caddy.virtualHosts."api.chir.rs" = {
useACMEHost = "chir.rs";
logFormat = pkgs.lib.mkForce "";
extraConfig = ''
import baseConfig
rewrite * /api.chir.rs/{path}
reverse_proxy {
to http://localhost:8621
}
'';
};
services.postgresql.ensureDatabases = ["homepage"];
services.postgresql.ensureUsers = [
{
name = "homepage";
ensurePermissions = {"DATABASE homepage" = "ALL PRIVILEGES";};
}
];
sops.secrets."services/chir.rs" = {};
}