78 lines
2.0 KiB
Nix
78 lines
2.0 KiB
Nix
{
|
|
lib,
|
|
config,
|
|
...
|
|
}:
|
|
let
|
|
backendEnabled = config.mod.whib-backend.enable;
|
|
frontendEnabled = config.mod.whib-frontend.enable;
|
|
in
|
|
{
|
|
options = {
|
|
mod.whib-backend = {
|
|
enable = lib.mkEnableOption "enable WHIB backend";
|
|
};
|
|
|
|
mod.whib-frontend = {
|
|
enable = lib.mkEnableOption "enable WHIB frontend";
|
|
};
|
|
};
|
|
|
|
config = {
|
|
assertions = lib.mkIf backendEnabled [
|
|
{
|
|
assertion = config.services.nginx.enable;
|
|
message = "Option 'config.services.nginx' must be enabled";
|
|
}
|
|
];
|
|
|
|
services.whib-backend = lib.mkIf backendEnabled {
|
|
enable = true;
|
|
|
|
backend = {
|
|
domain = "api.whib.ppp.pm";
|
|
useACMEHost = "api.whib.ppp.pm";
|
|
|
|
environmentFile = config.age.secrets.whib-backend-env-vars.path;
|
|
};
|
|
|
|
postgres = {
|
|
environmentFile = config.age.secrets.whib-postgres-env-vars.path;
|
|
|
|
backup = {
|
|
interval = "*-*-* 00:00:00 UTC";
|
|
|
|
environmentFile = config.age.secrets.whib-postgres-backup-env-vars.path;
|
|
gpgPassphraseFile = config.age.secrets.whib-gpg-key.path;
|
|
};
|
|
};
|
|
|
|
grafana = {
|
|
domain = "grafana.whib.ppp.pm";
|
|
useACMEHost = "grafana.whib.ppp.pm";
|
|
|
|
environmentFile = config.age.secrets.whib-grafana-env-vars.path;
|
|
};
|
|
};
|
|
|
|
services.whib-frontend = lib.mkIf frontendEnabled {
|
|
enable = true;
|
|
|
|
domain = "whib.ppp.pm";
|
|
useACMEHost = "whib.ppp.pm";
|
|
backendHost = "api.whib.ppp.pm";
|
|
};
|
|
|
|
age.secrets = {
|
|
"whib-backend-env-vars".file = ../../../../secrets/tadpole/whib-backend-env-vars.age;
|
|
"whib-postgres-env-vars".file = ../../../../secrets/tadpole/whib-postgres-env-vars.age;
|
|
|
|
"whib-postgres-backup-env-vars".file =
|
|
../../../../secrets/tadpole/whib-postgres-backup-env-vars.age;
|
|
"whib-gpg-key".file = ../../../../secrets/tadpole/whib-gpg-key.age;
|
|
|
|
"whib-grafana-env-vars".file = ../../../../secrets/tadpole/whib-grafana-env-vars.age;
|
|
};
|
|
};
|
|
}
|