server-configs/machines/gerd/services/member-website/default.nix

50 lines
1.8 KiB
Nix

{ config, lib, pkgs, ... }:
let
urlpath = "/members";
metaJSONFile = (pkgs.formats.json {}).generate "meta-service-info.json" config.mine.shared.meta;
port = 5050;
in {
systemd.services.website-member = {
description = "members area website";
wantedBy = [ "multi-user.target" ];
after = [ "networking.target" ];
environment = {
AUTH_PROXY_USERNAME = config.mine.shared.lib.authelia.protectedHeaders.username;
AUTH_PROXY_GROUPS = config.mine.shared.lib.authelia.protectedHeaders.groups;
AUTH_PROXY_EMAIL = config.mine.shared.lib.authelia.protectedHeaders.email;
AUTH_PROXY_NAME = config.mine.shared.lib.authelia.protectedHeaders.name;
};
serviceConfig = {
ExecStart = let
pythonEnv = pkgs.python3.withPackages(ps: with ps; [ flask ]);
in "${pythonEnv}/bin/python ${./app.py} --port ${builtins.toString port} --meta-json ${metaJSONFile}";
Restart = "always";
};
};
services.nginx.virtualHosts."${config.mine.shared.settings.domain}" = config.mine.shared.lib.authelia.mkProtectedWebsite {
locations."${urlpath}" = config.mine.shared.lib.authelia.mkProtectedLocation {
proxyPass = "http://localhost:${builtins.toString port}";
};
};
mine.shared.meta.website-members = {
name = "Members Website";
description = "This website you are looking at right now, which is our members website.";
url = "https://${config.mine.shared.settings.domain}${urlpath}";
package = {
name = "members-website";
version = "v0.0.1";
meta = with lib; {
description = "Members website for ${config.mine.shared.settings.domain}";
license = licenses.free;
homepage = "https://git.fricloud.dk/fricloud/server-configs/src/branch/main/machines/gerd/services/member-website/app.py";
platforms = platforms.all;
};
};
};
}