{ config, pkgs, ... }: let svc_domain = "wger.${config.mine.shared.settings.domain}"; port = 8000; wger_user = "wger"; statedir = config.mine.zfsMounts."rpool/safe/svcs/wger"; wgerpkgs = pkgs.callPackage ./wgerpkg/default.nix {}; # # Application settings # WGER_SETTINGS['EMAIL_FROM'] = 'wger Workout Manager ' # WGER_SETTINGS["ALLOW_REGISTRATION"] = True # WGER_SETTINGS["ALLOW_GUEST_USERS"] = True # WGER_SETTINGS["ALLOW_UPLOAD_VIDEOS"] = False # WGER_SETTINGS["MIN_ACCOUNT_AGE_TO_TRUST"] = 21 # in days # WGER_SETTINGS["EXERCISE_CACHE_TTL"] = 3600 # in seconds wger_settings = { EMAIL_FROM = "wger Workout Manager "; ALLOW_REGISTRATION = true; ALLOW_GUEST_USERS = true; ALLOW_UPLOAD_VIDEOS = false; MIN_ACCOUNT_AGE_TO_TRUST = 21; EXERCISE_CACHE_TTL = 3600; }; django_settings = rec { DEBUG = true; DATABASES.default = { # ENGINE = "django.db.backends.sqlite3"; # NAME = "${statedir}/database.sqlite"; # USER = ""; # PASSWORD = ""; # HOST = ""; # PORT = ""; ENGINE = "django.db.backends.postgresql"; NAME = "wger"; USER = "wger"; PASSWORD = ""; HOST = "/run/postgresql"; PORT = ""; }; ADMINS = [["Your Name" "test@test.dk"]]; MANAGERS = ADMINS; TIME_ZONE = "Europe/Berlin"; SECRET_KEY = "2w!yl6ausb-$05#mjnec)g_h#nc9pzzw0c(kvaskocvyyg1oqc"; SITE_URL = "http://localhost:8100"; MEDIA_ROOT = "${statedir}/media"; MEDIA_URL = "/media/"; EMAIL_BACKEND = "django.core.mail.backends.console.EmailBackend"; # DEFAULT_FROM_EMAIL = WGER_SETTINGS['EMAIL_FROM'] EMAIL_PAGE_DOMAIN = SITE_URL; CSRF_TRUSTED_ORIGINS = [ "https://${svc_domain}" ]; ALLOWED_HOSTS = [ svc_domain ]; RECAPTCHA_PUBLIC_KEY = ""; RECAPTCHA_PRIVATE_KEY = ""; USE_RECAPTCHA = false; }; wger_settings_file = pkgs.writeText "settings.json" (builtins.toJSON wger_settings); django_settings_file = pkgs.writeText "settings.json" (builtins.toJSON django_settings); settingsFile = pkgs.writeText "settings.py" '' from wger.settings_global import * import json with open("${django_settings_file}") as f: globals().update(json.load(f)) with open("${wger_settings_file}") as f: WGER_SETTINGS.update(json.load(f)) ''; in { systemd.services.wger = { description = "wger fitness"; wantedBy = [ "multi-user.target" ]; after = [ "networking.target" ]; script = '' # general wger things ${wgerpkgs}/bin/wger migrate-db -s ${settingsFile} || true # ${wgerpkgs}/bin/wger load-fixtures -s ${settingsFile} || true # ${wgerpkgs}/bin/wger load-online-fixtures -s ${settingsFile} || true # manage things # WGER_SETTINGS=${settingsFile} ${wgerpkgs}/bin/manage download-exercise-images || true # WGER_SETTINGS=${settingsFile} ${wgerpkgs}/bin/manage download-exercise-videos || true # WGER_SETTINGS=${settingsFile} ${wgerpkgs}/bin/manage download-ingredient-images || true WGER_SETTINGS=${settingsFile} ${wgerpkgs}/bin/manage sync-exercises || true # WGER_SETTINGS=${settingsFile} ${wgerpkgs}/bin/manage sync-ingredients || true WGER_SETTINGS=${settingsFile} ${wgerpkgs}/bin/manage exercises-health-check || true # run server ${wgerpkgs}/bin/wger start -s ${settingsFile} ''; serviceConfig = { User = "wger"; Group = "wger"; }; }; users.users."${wger_user}"= { uid = 738; isSystemUser = true; group = wger_user; }; users.groups."${wger_user}".gid = 738; services.postgresql = { ensureDatabases = [ wger_user ]; ensureUsers = [{ name = wger_user; ensureDBOwnership = true; }]; }; services.nginx.virtualHosts."${svc_domain}" = { forceSSL = true; enableACME = true; extraConfig = '' include ${config.mine.shared.lib.authelia.autheliaLocation}; ''; locations."/" = config.mine.shared.lib.authelia.mkProtectedLocation { proxyPass = "http://localhost:${builtins.toString port}"; }; locations."/api/v2/register" = config.mine.shared.lib.authelia.mkProtectedLocation { proxyPass = "http://localhost:${builtins.toString port}"; }; locations."/static".proxyPass = "http://localhost:${builtins.toString port}"; locations."/media".proxyPass = "http://localhost:${builtins.toString port}"; locations."/api".proxyPass = "http://localhost:${builtins.toString port}"; }; }