nixfiles/hosts/hetzner-vm/containers/piped/profiles/piped.nix

38 lines
1.1 KiB
Nix

{config, ...}: let
ports = import ../data/ports.nix {};
piped_config = config.services.piped;
in {
config.services.piped = {
enable = true;
frontendDomain = "piped.owo.monster";
backendDomain = "backend.piped.owo.monster";
proxyDomain = "proxy.piped.owo.monster";
nginxForceSSL = false;
nginxEnableACME = false;
# Do not set proxyNginxExtraConfig here as needs be set in outside of container
internalBackendPort = ports.piped-backend;
internalProxyPort = ports.piped-proxy;
};
config.systemd.tmpfiles.rules = [
"d /var/sockets - nginx nginx"
];
config.systemd.services.nginx.serviceConfig.ReadWritePaths = [
"/var/sockets"
];
config.services.nginx.virtualHosts."${piped_config.frontendDomain}" = {
extraConfig = "listen unix:/var/sockets/piped-frontend.sock;";
};
config.services.nginx.virtualHosts."${piped_config.backendDomain}" = {
extraConfig = "listen unix:/var/sockets/piped-backend.sock;";
};
config.services.nginx.virtualHosts."${piped_config.proxyDomain}" = {
extraConfig = "listen unix:/var/sockets/piped-proxy.sock;";
};
}