fw/nix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
nix/moduler/services/wishlist/default.nix
fwastring 90c13a0728 added wishlist and more
2025-10-07 14:33:57 +02:00

82 lines
2 KiB
Nix
Raw Blame History

{
lib,
config,
...
}:
with lib;
let
in
{
options = {
wishlist = {
enable = mkEnableOption "enables wishlist";
port = lib.mkOption {
type = lib.types.int;
default = 5434;
description = "The port wishlist listens on.";
};
host = mkOption {
type = types.str;
defaultText = literalExpression "127.0.0.1";
description = "The hostname that wishlist binds to";
};
domain = mkOption {
type = types.str;
description = "Domain name for wishlist to be served on.";
};
};
};
config = mkMerge [
(mkIf config.wishlist.enable {
systemd.tmpfiles.settings."wishlist-dirs" = {
"/var/wishlist".d = {
mode = "0755";
user = "root";
group = "root";
};
"/var/wishlist/uploads".d = {
mode = "0755";
user = "root";
group = "root";
};
"/var/wishlist/data".d = {
mode = "0755";
user = "root";
group = "root";
};
};
virtualisation.oci-containers = {
backend = "podman";
containers = {
wishlist = {
image = "ghcr.io/cmintey/wishlist:latest";
volumes = [
"/var/wishlist/uploads:/usr/src/app/uploads"
"/var/wishlist/data:/usr/src/app/data"
];
ports = [ "${config.wishlist.host}:${toString config.wishlist.port}:3280" ];
environment = {
ORIGIN = "https://${config.wishlist.domain}";
TOKEN_TIME = "72";
};
};
};
};
# nginx reverse proxy
services.nginx.virtualHosts."${config.wishlist.domain}" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://${config.wishlist.host}:${toString config.wishlist.port}";
proxyWebsockets = true;
extraConfig = "proxy_ssl_server_name on;" + "proxy_pass_header Authorization;";
};
};
})
];
}
Reference in a new issue View git blame Copy permalink