67 lines
1.7 KiB
Nix
67 lines
1.7 KiB
Nix
{ config, pkgs, inputs, lib, ... }:
|
|
let
|
|
port = 8081;
|
|
domain = "fossil.cyplo.dev";
|
|
baseurl = "https://${domain}";
|
|
in {
|
|
imports = [ ../nginx.nix ];
|
|
|
|
services.nginx = {
|
|
virtualHosts = {
|
|
"${domain}" = {
|
|
forceSSL = true;
|
|
enableACME = true;
|
|
locations."/" = { proxyPass = "http://localhost:" + toString port; };
|
|
};
|
|
};
|
|
};
|
|
|
|
containers.fossil = {
|
|
autoStart = true;
|
|
forwardPorts = [{
|
|
containerPort = port;
|
|
hostPort = port;
|
|
}];
|
|
config = { config, pkgs, ... }:
|
|
let
|
|
path = "/var/lib/fossil";
|
|
repoPath = "${path}/repo.fossil";
|
|
user = "fossil";
|
|
group = "fossil";
|
|
in {
|
|
|
|
users.groups = { "${group}" = { }; };
|
|
users.users = {
|
|
fossil = {
|
|
description = "Fossil Service";
|
|
home = path;
|
|
useDefaultShell = true;
|
|
group = group;
|
|
isSystemUser = true;
|
|
};
|
|
};
|
|
|
|
systemd.tmpfiles.rules = [ "d '${path}' 0770 ${user} ${group} - -" ];
|
|
systemd.services.fossil = {
|
|
description = "fossil server";
|
|
after = [ "network-online.target" ];
|
|
wantedBy = [ "multi-user.target" ];
|
|
path = [ pkgs.fossil pkgs.git ];
|
|
|
|
serviceConfig = {
|
|
User = user;
|
|
Group = group;
|
|
WorkingDirectory = path;
|
|
ReadWritePaths = [ path ];
|
|
ExecStart = "${pkgs.fossil}/bin/fossil server --localhost --https"
|
|
+ " --port ${toString port}" + " --baseurl ${baseurl}"
|
|
+ " --create ${repoPath}";
|
|
Restart = "always";
|
|
RestartSec = 3;
|
|
};
|
|
|
|
};
|
|
};
|
|
};
|
|
|
|
}
|