38 lines
893 B
Nix
38 lines
893 B
Nix
{ pkgs, flakes, ... }:
|
|
{
|
|
sops.secrets.reviewqueue = {
|
|
sopsFile = ../../../secrets/reviewqueue.env;
|
|
};
|
|
|
|
services.nginx = {
|
|
virtualHosts."queue.donsz.nl" = {
|
|
forceSSL = true;
|
|
http2 = true;
|
|
enableACME = true;
|
|
|
|
locations."/" = {
|
|
proxyPass = "http://[::1]:3000";
|
|
};
|
|
};
|
|
};
|
|
|
|
systemd.services.reviewqueue = {
|
|
description = "Review Queue";
|
|
|
|
wantedBy = [ "multi-user.target" ];
|
|
after = [ "network.target" ]; # if networking is needed
|
|
|
|
restartIfChanged = true; # set to false, if restarting is problematic
|
|
|
|
serviceConfig = {
|
|
ExecStart = "${flakes.reviewqueue.packages.${pkgs.system}.default}/bin/reviewqueue";
|
|
Restart = "always";
|
|
EnvironmentFile = "/run/secrets/reviewqueue";
|
|
StateDirectory = "reviewqueue";
|
|
};
|
|
|
|
environment = {
|
|
DB_PATH = "/var/lib/reviewqueue/db.sqlite";
|
|
};
|
|
};
|
|
}
|