home

My NixOS systems configurations.
Log | Files | Refs | LICENSE

commit ccd2aeec6c2c1ad7ea0ca8cc060367f6e4c13b26
parent 07bc41c91c6ae50549ef60f47fd0a9b21a82dfdd
Author: Vincent Demeester <vincent@sbr.pm>
Date:   Tue, 25 Oct 2022 15:17:54 +0200

Add a gosmee service and enable it on kerkouane

Signed-off-by: Vincent Demeester <vincent@sbr.pm>

Diffstat:
Mnix/packages/default.nix | 2+-
Msystems/hosts/kerkouane.nix | 18++++++++++++++----
Msystems/modules/services/default.nix | 1+
Asystems/modules/services/gosmee.nix | 48++++++++++++++++++++++++++++++++++++++++++++++++
4 files changed, 64 insertions(+), 5 deletions(-)

diff --git a/nix/packages/default.nix b/nix/packages/default.nix @@ -38,7 +38,7 @@ rec { toolbox = pkgs.callPackage ./toolbox { }; yaspell = pkgs.callPackage ./yaspell { }; gosmee = pkgs.callPackage ./gosmee { - buildGoModule = pkgs.buildGo119Module; # build fails with 1.19 + buildGoModule = pkgs.buildGo119Module; }; inherit (pkgs.callPackage ./kam { }) diff --git a/systems/hosts/kerkouane.nix b/systems/hosts/kerkouane.nix @@ -161,6 +161,10 @@ in security.pam.enableSSHAgentAuth = true; #systemd.services.nginx.serviceConfig.ReadWritePaths = [ "/var/www" ]; services = { + gosmee = { + enable = true; + public-url = "https://webhook.sbr.pm"; + }; govanityurl = { enable = true; user = "nginx"; @@ -217,10 +221,15 @@ in enableACME = true; forceSSL = true; locations."/" = { - proxyPass = "http://10.100.0.8:80"; + proxyPass = "http://127.0.0.1:3333"; extraConfig = '' - proxy_set_header Host $host; - proxy_set_header X-Forwarded-For $remote_addr; + proxy_buffering off; + proxy_cache off; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $remote_addr; + proxy_set_header Connection ""; + proxy_http_version 1.1; + chunked_transfer_encoding off; ''; }; }; @@ -250,7 +259,7 @@ in index = "index.html"; extraConfig = '' default_type text/html; - try_files $uri $uri.html $uri/ =404; + try_files $uri $uri.html $uri/ = 404; fancyindex on; fancyindex_localtime on; fancyindex_exact_size off; @@ -276,3 +285,4 @@ in }; }; } + diff --git a/systems/modules/services/default.nix b/systems/modules/services/default.nix @@ -2,6 +2,7 @@ imports = [ ./avahi.nix ./barrier.nix + ./gosmee.nix ./govanityurl.nix ./nix-binary-cache.nix ./ssh.nix diff --git a/systems/modules/services/gosmee.nix b/systems/modules/services/gosmee.nix @@ -0,0 +1,48 @@ +{ config, lib, pkgs, ... }: + +with lib; +let + cfg = config.services.gosmee; +in +{ + options = { + services.gosmee = { + enable = mkEnableOption '' + gosmee is a webhook forwader/relayer + ''; + package = mkOption { + type = types.package; + default = pkgs.my.gosmee; + description = '' + gosmee package to use. + ''; + }; + + public-url = mkOption { + description = '' + Public URL to show to user, useful when you are behind a proxy. + ''; + type = types.str; + default = ""; + }; + }; + }; + config = mkIf cfg.enable { + systemd.packages = [ cfg.package ]; + systemd.services.gosmee = { + description = "Gosmee service"; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + # User = cfg.user; + Restart = "on-failure"; + ExecStart = '' + ${cfg.package}/bin/gosmee server \ + ${optionalString (cfg.public-url != "") "--public-url ${escapeShellArg cfg.public-url}"} + ''; + }; + path = [ cfg.package ]; + }; + }; +} +