tadpole: Add ppp.pm-site module

2024-07-21 10:58:02 +02:00
parent fa4e31e6de
commit 390bc08ed1
2 changed files with 35 additions and 0 deletions
--- a/hosts/tadpole/modules/default.nix
+++ b/hosts/tadpole/modules/default.nix
@@ -10,6 +10,8 @@ in
    mod = {
      ssh.enable = true;
      nginx.enable = true;
+
+      pppdotpm-site.enable = true;
    };
  };
 }
--- a/hosts/tadpole/modules/ppp.pm-site/default.nix
+++ b/hosts/tadpole/modules/ppp.pm-site/default.nix
@@ -0,0 +1,33 @@
+{ inputs, lib, config, ... }:
+let
+  enabled = config.mod.pppdotpm-site.enable;
+
+  nginxEnabled = config.mod.nginx.enable;
+in
+{
+  imports = [ inputs.pppdotpm-site.nixosModules.default ];
+
+  options = {
+    mod.pppdotpm-site = {
+      enable = lib.mkEnableOption "enable ppp.pm site";
+    };
+  };
+
+  config = lib.mkIf (enabled && nginxEnabled) {
+    security.acme = {
+      certs = {
+        "ppp.pm" = {
+          webroot = "/var/lib/acme/acme-challenge/";
+          email = "p@ppp.pm";
+          group = "nginx";
+        };
+      };
+    };
+
+    services.pppdotpm-site = {
+      enable = true;
+      domain = "ppp.pm";
+      useACMEHost = "ppp.pm";
+    };
+  };
+}