71 lines
1.8 KiB
Nix
71 lines
1.8 KiB
Nix
{ config, pkgs, inputs, lib, ... }:
|
|
let
|
|
port = 8081;
|
|
domain = "fossil.cyplo.dev";
|
|
baseurl = "https://${domain}";
|
|
path = "/var/lib/fossil";
|
|
in {
|
|
imports = [ ../nginx.nix ];
|
|
|
|
services.nginx = {
|
|
virtualHosts = {
|
|
"${domain}" = {
|
|
forceSSL = true;
|
|
enableACME = true;
|
|
locations."/" = { proxyPass = "http://localhost:" + toString port; };
|
|
};
|
|
};
|
|
};
|
|
|
|
containers.fossil = {
|
|
autoStart = true;
|
|
forwardPorts = [{
|
|
containerPort = port;
|
|
hostPort = port;
|
|
}];
|
|
bindMounts = {
|
|
"${path}" = {
|
|
hostPath = "${path}";
|
|
isReadOnly = false;
|
|
};
|
|
};
|
|
config = { config, pkgs, ... }:
|
|
let
|
|
user = "fossil";
|
|
group = "fossil";
|
|
in {
|
|
environment.systemPackages = [ pkgs.fossil ];
|
|
users.groups = { "${group}" = { }; };
|
|
users.users = {
|
|
fossil = {
|
|
description = "Fossil Service";
|
|
home = path;
|
|
useDefaultShell = true;
|
|
group = group;
|
|
isSystemUser = true;
|
|
};
|
|
};
|
|
|
|
systemd.tmpfiles.rules = [ "d '${path}' 0770 ${user} ${group} - -" ];
|
|
systemd.services.fossil = {
|
|
description = "fossil server";
|
|
after = [ "network-online.target" ];
|
|
wantedBy = [ "multi-user.target" ];
|
|
path = [ pkgs.fossil pkgs.git ];
|
|
|
|
serviceConfig = {
|
|
User = user;
|
|
Group = group;
|
|
WorkingDirectory = path;
|
|
ReadWritePaths = [ path ];
|
|
ExecStart = "${pkgs.fossil}/bin/fossil server" + " --localhost"
|
|
+ " --https" + " --port ${toString port}"
|
|
+ " --baseurl ${baseurl}" + " --repolist ${path}";
|
|
Restart = "always";
|
|
RestartSec = 3;
|
|
};
|
|
|
|
};
|
|
};
|
|
};
|
|
}
|