From ad6e1504db90cda4ce18893dc73b794b54edcfb0 Mon Sep 17 00:00:00 2001 From: Alexander Heldt Date: Sun, 26 Oct 2025 15:35:16 +0100 Subject: [PATCH] tadpole: Add `whib-frontend` service --- hosts/tadpole/modules/default.nix | 1 + hosts/tadpole/modules/whib/default.nix | 21 +++++++++++++++++---- 2 files changed, 18 insertions(+), 4 deletions(-) diff --git a/hosts/tadpole/modules/default.nix b/hosts/tadpole/modules/default.nix index b33c937..f23086f 100644 --- a/hosts/tadpole/modules/default.nix +++ b/hosts/tadpole/modules/default.nix @@ -23,6 +23,7 @@ in pppdotpm-site.enable = true; whib-backend.enable = true; + whib-frontend.enable = true; }; }; } diff --git a/hosts/tadpole/modules/whib/default.nix b/hosts/tadpole/modules/whib/default.nix index 86b82b5..f9c86de 100644 --- a/hosts/tadpole/modules/whib/default.nix +++ b/hosts/tadpole/modules/whib/default.nix @@ -4,24 +4,29 @@ ... }: let - enabled = config.mod.whib-backend.enable; + backendEnabled = config.mod.whib-backend.enable; + frontendEnabled = config.mod.whib-frontend.enable; in { options = { mod.whib-backend = { enable = lib.mkEnableOption "enable WHIB backend"; }; + + mod.whib-frontend = { + enable = lib.mkEnableOption "enable WHIB frontend"; + }; }; - config = lib.mkIf enabled { - assertions = [ + config = { + assertions = lib.mkIf backendEnabled [ { assertion = config.services.nginx.enable; message = "Option 'config.services.nginx' must be enabled"; } ]; - services.whib-backend = { + services.whib-backend = lib.mkIf backendEnabled { enable = true; backend = { @@ -50,6 +55,14 @@ in }; }; + services.whib-frontend = lib.mkIf frontendEnabled { + enable = true; + + domain = "whib.ppp.pm"; + useACMEHost = "whib.ppp.pm"; + backendHost = "api.whib.ppp.pm"; + }; + age.secrets = { "whib-backend-env-vars".file = ../../../../secrets/tadpole/whib-backend-env-vars.age; "whib-postgres-env-vars".file = ../../../../secrets/tadpole/whib-postgres-env-vars.age;