infra/hosts/nachtigall/apps/loomio.nix
Benjamin Yule Bädorf 4f15e68808
loomio: init
Adds a basic loomio config based on [loomio-deploy](https://github.com/loomio/loomio-deploy).

TODO after this commit:

* Add OAUTH config
* Add SMTP config
* Create postgres user on host
2024-03-25 16:26:54 +00:00

146 lines
3.5 KiB
Nix

{ config
, lib
, pkgs
, self
, ...
}: let
uid = 980;
gid = 979;
in {
age.secrets.loomio-environment = {
file = "${flake.self}/secrets/loomio-environment.age";
symlink = false;
mode = "440";
owner = "loomio";
group = "loomio";
};
services.postgresql = {
authentication = ''
host loomio all 172.17.0.0/16 password
'';
};
users.users.loomio = {
isSystemUser = true;
group = "loomio";
inherit uid;
};
users.groups.loomio = { inherit gid; };
services.nginx.virtualHosts."decide.pub.solar" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyWebsockets = true;
extraConfig = ''
proxy_pass http://127.0.0.1:3001;
proxy_set_header Host $host;
'';
};
};
services.nginx.virtualHosts."channels.decide.pub.solar" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyWebsockets = true;
extraConfig = ''
proxy_pass http://127.0.0.1:3001;
proxy_set_header Host $host;
'';
};
};
virtualisation = {
oci-containers = let
loomioConfig = {
image = "loomio/loomio:stable";
autoStart = true;
volumes = [
"/run/redis-loomio/redis.sock:/run/redis/redis.sock"
"/var/lib/loomio/uploads:/loomio/public/system"
"/var/lib/loomio/storage:/loomio/storage"
"/var/lib/loomio/files:/loomio/public/files"
"/var/lib/loomio/plugins:/loomio/plugins/docker"
"/var/lib/loomio/tmp:/loomio/tmp"
];
extraOptions = [
"--add-host=host.docker.internal:host-gateway"
"--pull=always"
];
environmentFiles = [ config.age.secrets.loomio-environment.path ];
environment = {
CANONICAL_HOST = "";
SUPPORT_EMAIL = "";
SITE_NAME = "";
REPLY_HOSTNAME = "";
CHANNELS_URI = "";
HELPER_BOT_EMAIL = "no-reply@";
SMTP_AUTH = "plain";
SMTP_DOMAIN = "";
SMTP_SERVER = "smtp.example.com";
SMTP_PORT = "465";
SMTP_USE_SSL = "1";
ACTIVE_STORAGE_SERVICE = "local";
ALLOW_ROBOTS = "0";
THEME_ICON_SRC = "/files/icon.png";
THEME_APP_LOGO_SRC = "/files/logo.svg";
THEME_EMAIL_HEADER_LOGO_SRC = "/files/logo_128h.png";
THEME_EMAIL_FOOTER_LOGO_SRC = "/files/logo_64h.png";
# used in emails. use rgb or hsl values, not hex
THEME_PRIMARY_COLOR = "rgb(255,167,38)";
THEME_ACCENT_COLOR = "rgb(0,188,212)";
THEME_TEXT_ON_PRIMARY_COLOR = "rgb(255,255,255)";
THEME_TEXT_ON_ACCENT_COLOR = "rgb(255,255,255)";
REDIS_URL = "unix:///run/redis/redis.sock";
CHANNELS_URI = "wss://channels.";
RAILS_ENV = "production";
};
};
in {
backend = "docker";
containers."loomio" = loomioConfig // {
ports = [ "127.0.0.1:3001:3000" ];
volumes = [ "/var/lib/loomio/import:/import" ];
};
containers."loomio-worker" = loomioConfig // {
environment = {
TASK = "worker";
};
volumes = [ "/var/lib/loomio/import:/import" ];
};
containers."loomio-mailin" = {
image = "loomio/mailin-docker:latest";
autoStart = true;
};
containers."loomio-channels" = {
image = "loomio/loomio_channel_server";
autoStart = true;
environmentFiles = [ config.age.secrets.loomio-environment.path ];
};
};
};
services.redis.servers.loomio.enable = true;
}