From a93b230e03f2b52b7432c7c48c41c719ca1b725c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Cyryl=20P=C5=82otnicki?= <cyplo@cyplo.dev>
Date: Sun, 23 Oct 2022 00:06:39 +0100
Subject: [PATCH] add fossil server

---
 nixos/boxes/vpsfree1/default.nix |  1 +
 nixos/boxes/vpsfree1/fossil.nix  | 67 ++++++++++++++++++++++++++++++++
 2 files changed, 68 insertions(+)
 create mode 100644 nixos/boxes/vpsfree1/fossil.nix

diff --git a/nixos/boxes/vpsfree1/default.nix b/nixos/boxes/vpsfree1/default.nix
index 731f52d0..86489bd1 100644
--- a/nixos/boxes/vpsfree1/default.nix
+++ b/nixos/boxes/vpsfree1/default.nix
@@ -8,6 +8,7 @@
     ./backups.nix
     ./blog.cyplo.net.nix
     ./cryptpad.nix
+    ./fossil.nix
     ./foundryvtt.nix
     ./matrix-front.nix
     ./rss.nix
diff --git a/nixos/boxes/vpsfree1/fossil.nix b/nixos/boxes/vpsfree1/fossil.nix
new file mode 100644
index 00000000..623c5290
--- /dev/null
+++ b/nixos/boxes/vpsfree1/fossil.nix
@@ -0,0 +1,67 @@
+{ config, pkgs, inputs, lib, ... }:
+let
+  port = 8081;
+  domain = "fossil.cyplo.dev";
+  baseurl = "https://${domain}";
+in {
+  imports = [ ../nginx.nix ];
+
+  services.nginx = {
+    virtualHosts = {
+      "${domain}" = {
+        forceSSL = true;
+        enableACME = true;
+        locations."/" = { proxyPass = "http://localhost:" + toString port; };
+      };
+    };
+  };
+
+  containers.fossil = {
+    autoStart = true;
+    forwardPorts = [{
+      containerPort = port;
+      hostPort = port;
+    }];
+    config = { config, pkgs, ... }:
+      let
+        path = "/var/lib/fossil";
+        repoPath = "${path}/repo.fossil";
+        user = "fossil";
+        group = "fossil";
+      in {
+
+        users.groups = { "${group}" = { }; };
+        users.users = {
+          fossil = {
+            description = "Fossil Service";
+            home = path;
+            useDefaultShell = true;
+            group = group;
+            isSystemUser = true;
+          };
+        };
+
+        systemd.tmpfiles.rules = [ "d '${path}' 0770 ${user} ${group} - -" ];
+        systemd.services.fossil = {
+          description = "fossil server";
+          after = [ "network-online.target" ];
+          wantedBy = [ "multi-user.target" ];
+          path = [ pkgs.fossil pkgs.git ];
+
+          serviceConfig = {
+            User = user;
+            Group = group;
+            WorkingDirectory = path;
+            ReadWritePaths = [ path ];
+            ExecStart = "${pkgs.fossil}/bin/fossil server --localhost --https"
+              + " --port ${toString port}" + " --baseurl ${baseurl}"
+              + " --create ${repoPath}";
+            Restart = "always";
+            RestartSec = 3;
+          };
+
+        };
+      };
+  };
+
+}