49 lines
1.1 KiB
Nix
49 lines
1.1 KiB
Nix
{ config, pkgs, lib, ... }: let
|
|
tandoor_user = "tandoor";
|
|
in {
|
|
sops.secrets.tandoor-secret = {};
|
|
sops.secrets.tandoor-pass = {};
|
|
services.tandoor-recipes = {
|
|
enable = true;
|
|
port = 7666;
|
|
extraConfig = {
|
|
SECRET_KEY = config.sops.secrets.tandoor-secret.path;
|
|
DB_ENGINE = "django.db.backends.postgresql";
|
|
POSTGRES_HOST = "127.0.0.1";
|
|
POSTGRES_PORT = config.services.postgresql.port;
|
|
POSTGRES_USER = tandoor_user;
|
|
POSTGRES_DB = tandoor_user;
|
|
ENABLE_SIGNUP = "1";
|
|
};
|
|
};
|
|
|
|
systemd.services.tandoor-recipes = {
|
|
serviceConfig = {
|
|
EnvironmentFile = config.sops.secrets.tandoor-pass.path;
|
|
};
|
|
};
|
|
|
|
services.postgresql = {
|
|
enable = true;
|
|
port = 5432;
|
|
ensureDatabases = [
|
|
tandoor_user
|
|
];
|
|
ensureUsers = [{
|
|
name = tandoor_user;
|
|
ensureDBOwnership = true;
|
|
ensureClauses = {
|
|
createdb = true;
|
|
};
|
|
}];
|
|
};
|
|
|
|
services.caddy.virtualHosts = {
|
|
"tandoor.syzygial.cc" = {
|
|
extraConfig = ''
|
|
reverse_proxy 127.0.0.1:${toString config.services.tandoor-recipes.port}
|
|
'';
|
|
};
|
|
};
|
|
}
|