33 lines
957 B
Nix
33 lines
957 B
Nix
{ pkgs, miifox-net, ... }: {
|
|
users.users.miifox = {
|
|
createHome = true;
|
|
description = "Miifox";
|
|
group = "users";
|
|
home = "/home/miifox";
|
|
isNormalUser = true;
|
|
uid = 1001;
|
|
};
|
|
home-manager.users.miifox = import ../home-manager/miifox.nix;
|
|
systemd.slices."user-1001".sliceConfig = {
|
|
CPUQuota = "100%";
|
|
MemoryHigh = "1G";
|
|
MemoryMax = "1.1G";
|
|
};
|
|
services.postgresql.ensureDatabases = [ "miifox" ];
|
|
services.postgresql.ensureUsers = [{
|
|
name = "miifox";
|
|
ensurePermissions = { "DATABASE miifox" = "ALL PRIVILEGES"; };
|
|
}];
|
|
services.nginx.virtualHosts."miifox.net" = {
|
|
acmeRoot = "/home/miifox/miifox.net";
|
|
sslCertificate = "/var/lib/acme/miifox.net/cert.pem";
|
|
sslCertificateKey = "/var/lib/acme/miifox.net/key.pem";
|
|
locations."/" =
|
|
let
|
|
miifox-website = pkgs.callPackage (import ../../packages/miifox.nix miifox-net) {};
|
|
in
|
|
{
|
|
root = "${miifox-website}";
|
|
};
|
|
};
|
|
}
|