gensokyo-zone/infrastructure
1
0
Fork 0
mirror of https://github.com/gensokyo-zone/infrastructure.git synced 2026-02-09 20:39:18 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions
infrastructure/nixos/barcodebuddy.nix
arcnmx 9903866044 chore: nf-fmt-nix
2024-05-13 15:31:34 -07:00

49 lines
1.4 KiB
Nix
Raw Blame History

{
config,
access,
lib,
...
}: let
inherit (lib.modules) mkIf mkDefault;
inherit (config.services) nginx;
cfg = config.services.barcodebuddy;
in {
config.services.barcodebuddy = {
enable = mkDefault true;
hostName = mkDefault "barcodebuddy'php";
reverseProxy = {
enable = mkDefault nginx.virtualHosts.${cfg.hostName}.proxied.enable;
trustedAddresses = access.cidrForNetwork.allLan.all;
};
settings = {
EXTERNAL_GROCY_URL = "https://grocy.${config.networking.domain}";
DISABLE_AUTHENTICATION = true;
};
nginxPhpSettings.extraConfig = ''
include ${config.sops.secrets.barcodebuddy-fastcgi-params.path};
'';
};
config.services.nginx.virtualHosts.${cfg.hostName} = mkIf cfg.enable {
name.shortServer = mkDefault "bbuddy";
proxied.enable = mkDefault true;
local.denyGlobal = mkDefault true;
};
config.users.users.barcodebuddy = mkIf cfg.enable {
uid = 912;
};
config.systemd.services = let
gensokyo-zone.sharedMounts.barcodebuddy.path = mkDefault cfg.dataDir;
in
mkIf cfg.enable {
phpfpm-barcodebuddy = {
inherit gensokyo-zone;
};
bbuddy-websocket = mkIf cfg.screen.enable {
inherit gensokyo-zone;
};
};
config.sops.secrets.barcodebuddy-fastcgi-params = mkIf cfg.enable {
sopsFile = mkDefault ./secrets/barcodebuddy.yaml;
owner = mkDefault nginx.user;
};
}
Reference in a new issue View git blame Copy permalink