50 lines
1.8 KiB
Nix
50 lines
1.8 KiB
Nix
{ config, lib, pkgs, ... }:
|
|
|
|
let
|
|
urlpath = "/members";
|
|
metaJSONFile = (pkgs.formats.json {}).generate "meta-service-info.json" config.mine.shared.meta;
|
|
port = 5050;
|
|
in {
|
|
systemd.services.website-member = {
|
|
description = "members area website";
|
|
wantedBy = [ "multi-user.target" ];
|
|
after = [ "networking.target" ];
|
|
|
|
environment = {
|
|
AUTH_PROXY_USERNAME = config.mine.shared.lib.authelia.protectedHeaders.username;
|
|
AUTH_PROXY_GROUPS = config.mine.shared.lib.authelia.protectedHeaders.groups;
|
|
AUTH_PROXY_EMAIL = config.mine.shared.lib.authelia.protectedHeaders.email;
|
|
AUTH_PROXY_NAME = config.mine.shared.lib.authelia.protectedHeaders.name;
|
|
};
|
|
|
|
serviceConfig = {
|
|
ExecStart = let
|
|
pythonEnv = pkgs.python3.withPackages(ps: with ps; [ flask ]);
|
|
in "${pythonEnv}/bin/python ${./app.py} --port ${builtins.toString port} --meta-json ${metaJSONFile}";
|
|
Restart = "always";
|
|
};
|
|
};
|
|
|
|
services.nginx.virtualHosts."${config.mine.shared.settings.domain}" = config.mine.shared.lib.authelia.mkProtectedWebsite {
|
|
locations."${urlpath}" = config.mine.shared.lib.authelia.mkProtectedLocation {
|
|
proxyPass = "http://localhost:${builtins.toString port}";
|
|
};
|
|
};
|
|
|
|
mine.shared.meta.website-members = {
|
|
name = "Members Website";
|
|
description = "This website you are looking at right now, which is our members website.";
|
|
url = "https://${config.mine.shared.settings.domain}${urlpath}";
|
|
|
|
package = {
|
|
name = "members-website";
|
|
version = "v0.0.1";
|
|
meta = with lib; {
|
|
description = "Members website for ${config.mine.shared.settings.domain}";
|
|
license = licenses.free;
|
|
homepage = "https://git.fricloud.dk/fricloud/server-configs/src/branch/main/machines/gerd/services/member-website/app.py";
|
|
platforms = platforms.all;
|
|
};
|
|
};
|
|
};
|
|
}
|