dotfiles/nixos/boxes/vpsfree1/fossil.nix

73 lines
1.8 KiB
Nix
Raw Normal View History

2022-10-23 00:06:39 +01:00
{ config, pkgs, inputs, lib, ... }:
let
port = 8081;
domain = "fossil.cyplo.dev";
baseurl = "https://${domain}";
2022-10-23 09:48:16 +01:00
path = "/var/lib/fossil";
2022-10-23 00:06:39 +01:00
in {
imports = [ ../nginx.nix ];
services.nginx = {
virtualHosts = {
"${domain}" = {
forceSSL = true;
enableACME = true;
locations."/" = { proxyPass = "http://localhost:" + toString port; };
};
};
};
containers.fossil = {
autoStart = true;
forwardPorts = [{
containerPort = port;
hostPort = port;
}];
2022-10-23 09:48:16 +01:00
bindMounts = {
"${path}" = {
hostPath = "${path}";
isReadOnly = false;
};
};
2022-10-23 00:06:39 +01:00
config = { config, pkgs, ... }:
let
user = "fossil";
group = "fossil";
in {
2022-10-23 11:22:19 +01:00
system.stateVersion = "22.05";
2022-10-23 09:48:16 +01:00
environment.systemPackages = [ pkgs.fossil ];
2022-10-23 00:06:39 +01:00
users.groups = { "${group}" = { }; };
users.users = {
fossil = {
2022-11-08 17:06:20 +00:00
inherit group;
2022-10-23 00:06:39 +01:00
description = "Fossil Service";
home = path;
useDefaultShell = true;
isSystemUser = true;
};
};
systemd.tmpfiles.rules = [ "d '${path}' 0770 ${user} ${group} - -" ];
systemd.services.fossil = {
description = "fossil server";
after = [ "network-online.target" ];
wantedBy = [ "multi-user.target" ];
path = [ pkgs.fossil pkgs.git ];
serviceConfig = {
User = user;
Group = group;
WorkingDirectory = path;
ReadWritePaths = [ path ];
2022-10-23 09:48:16 +01:00
ExecStart = "${pkgs.fossil}/bin/fossil server" + " --localhost"
+ " --https" + " --port ${toString port}"
+ " --baseurl ${baseurl}" + " --repolist ${path}";
2022-10-23 00:06:39 +01:00
Restart = "always";
RestartSec = 3;
};
};
};
};
}