Antoine Martin
bdd0748620
Mixing stable and unstable brought me weird problems, so I'm switching back to unstable entirely until it breaks hard enough to convince me to go back to stable. :)
83 lines
1.8 KiB
Nix
83 lines
1.8 KiB
Nix
{ config, lib, pkgs, ... }:
|
|
|
|
with lib;
|
|
|
|
let
|
|
cfg = config.my.services.fava;
|
|
my = config.my;
|
|
domain = config.networking.domain;
|
|
secrets = config.my.secrets;
|
|
in
|
|
{
|
|
options.my.services.fava = {
|
|
enable = lib.mkEnableOption "Fava";
|
|
|
|
home = mkOption {
|
|
type = types.str;
|
|
default = "/var/lib/fava";
|
|
example = "/var/lib/fava";
|
|
description = "Home for the fava service, where data will be stored";
|
|
};
|
|
|
|
port = mkOption {
|
|
type = types.port;
|
|
default = 8080;
|
|
example = 8080;
|
|
description = "Internal port for Fava";
|
|
};
|
|
|
|
filePath = mkOption {
|
|
type = types.str;
|
|
example = "my_dir/money.beancount";
|
|
description = "File to load in Fava";
|
|
};
|
|
};
|
|
|
|
config = mkIf cfg.enable {
|
|
systemd.services.fava = {
|
|
wantedBy = [ "multi-user.target" ];
|
|
serviceConfig = {
|
|
Environment = [];
|
|
ExecStart = "${pkgs.fava}/bin/fava -H 127.0.0.1 -p ${toString cfg.port} ${cfg.filePath}";
|
|
WorkingDirectory = cfg.home;
|
|
User = "fava";
|
|
Group = "fava";
|
|
};
|
|
path = with pkgs; [];
|
|
};
|
|
|
|
users.users.fava = {
|
|
isSystemUser = true;
|
|
home = cfg.home;
|
|
createHome = true;
|
|
group = "fava";
|
|
};
|
|
users.groups.fava = { };
|
|
|
|
services.nginx.virtualHosts = {
|
|
"fava.${domain}" = {
|
|
forceSSL = true;
|
|
useACMEHost = domain;
|
|
|
|
listen = [
|
|
# FIXME: hardcoded tailscale IP
|
|
{
|
|
addr = "100.80.61.67";
|
|
port = 443;
|
|
ssl = true;
|
|
}
|
|
{
|
|
addr = "100.80.61.67";
|
|
port = 80;
|
|
ssl = false;
|
|
}
|
|
];
|
|
|
|
locations."/" = {
|
|
proxyPass = "http://127.0.0.1:${toString cfg.port}";
|
|
};
|
|
};
|
|
};
|
|
};
|
|
}
|