momo/cloud
4
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions1
cloud/modules/invoiceplane/default.nix
b12f ec612c2b7f
Initial commit
2025-02-09 14:09:20 +01:00

87 lines
2.5 KiB
Nix
Raw Permalink Blame History

{
config,
pkgs,
lib,
...
}:
let
backupDir = "/var/lib/invoiceplane/backup";
in
{
imports = [
./override.nix
];
options.pub-solar-os.invoiceplane = with lib; {
enable = mkEnableOption "Enable invoiceplane instance";
passwordFile = mkOption { type = types.nullOr types.path; default = null; };
};
config = lib.mkIf config.pub-solar-os.invoiceplane.enable {
security.acme.certs = {
"invoicing.${config.pub-solar-os.networking.domain}" = {};
};
services.nginx.virtualHosts = {
"invoicing.${config.pub-solar-os.networking.domain}" = {
forceSSL = true;
useACMEHost = "invoicing.${config.pub-solar-os.networking.domain}";
listenAddresses = [
config.pub-solar-os.wireguard.ipv4.address
"[${config.pub-solar-os.wireguard.ipv6.address}]"
];
};
};
services.invoiceplane.webserver = "nginx";
services.invoiceplane.sites."invoicing.${config.pub-solar-os.networking.domain}" = {
enable = true;
database = {
user = "invoiceplane";
name = "invoiceplane";
host = "127.0.0.1";
port = 3306;
createLocally = true;
passwordFile = config.pub-solar-os.invoiceplane.passwordFile;
};
invoiceTemplates = [pkgs.invoiceplane-template];
settings = {
SETUP_COMPLETED = true;
DISABLE_SETUP = true;
IP_URL = "https://invoicing.${config.pub-solar-os.networking.domain}";
};
poolConfig = {
"pm" = "dynamic";
"pm.max_children" = 32;
"pm.max_requests" = 500;
"pm.max_spare_servers" = 4;
"pm.min_spare_servers" = 2;
"pm.start_servers" = 2;
"php_admin_value[error_log]" = "/var/lib/invoiceplane/invoicing.${config.pub-solar-os.networking.domain}/logs/php-error.log";
"php_admin_flag[display_errors]" = "off";
"php_admin_flag[log_errors]" = "on";
"catch_workers_output" = "yes";
};
};
systemd.tmpfiles.rules = [
"d '${backupDir}' 0700 root root - -"
];
pub-solar-os.backups.restic.invoiceplane = {
paths = [
backupDir
"/var/lib/invoiceplane/invoicing.${config.pub-solar-os.networking.domain}"
];
initialize = true;
backupPrepareCommand = ''
PW=$(cat ${config.age.secrets."invoiceplane-db-password".path})
${pkgs.docker-client}/bin/docker exec -t invoiceplane-db mariadb-dump --all-databases --password=$PW --user=invoiceplane > "${backupDir}/postgres.sql"
'';
};
};
}
Reference in a new issue View git blame Copy permalink