44 lines
1 KiB
Nix
44 lines
1 KiB
Nix
|
{ config, lib, ... }:
|
||
|
let
|
||
|
cfg = config.bagel.newsletter;
|
||
|
inherit (lib) mkIf mkOption mkEnableOption types;
|
||
|
port = 18999;
|
||
|
address = "127.0.0.1:${toString port}";
|
||
|
in
|
||
|
{
|
||
|
options.bagel.newsletter = {
|
||
|
enable = mkEnableOption "the newsletter web service (listmonk)";
|
||
|
domain = mkOption {
|
||
|
type = types.str;
|
||
|
};
|
||
|
};
|
||
|
|
||
|
config = mkIf cfg.enable {
|
||
|
age.secrets.newsletter-secrets.file = ../../secrets/newsletter-secrets.age;
|
||
|
services.listmonk = {
|
||
|
enable = true;
|
||
|
secretFile = config.age.secrets.newsletter-secrets.path;
|
||
|
settings."app" = {
|
||
|
inherit address;
|
||
|
admin_username = "admin";
|
||
|
};
|
||
|
database.createLocally = true;
|
||
|
};
|
||
|
|
||
|
services.nginx.enable = true;
|
||
|
services.nginx.virtualHosts."${cfg.domain}" = {
|
||
|
enableACME = true;
|
||
|
forceSSL = true;
|
||
|
locations."/".proxyPass = "http://${address}";
|
||
|
};
|
||
|
|
||
|
users.users.listmonk = {
|
||
|
isSystemUser = true;
|
||
|
group = "listmonk";
|
||
|
};
|
||
|
users.groups.listmonk = {};
|
||
|
|
||
|
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
||
|
};
|
||
|
}
|