os/hosts/chonk/invoiceplane.nix

64 lines
1.3 KiB
Nix

{
self,
config,
pkgs,
...
}: let
hostAddress = "10.10.42.1";
serviceAddress = "10.10.42.11";
domain = "inv.gssws.de";
hostStateDir = "/mnt/internal/invoiceplane";
containerStateDir = "/var/lib/invoiceplane";
in {
# nginx
services.nginx.virtualHosts."${domain}" = {
forceSSL = true;
enableACME = true;
locations = {
"/" = {
proxyPass = "http://${serviceAddress}:80";
};
};
};
# invoiceplane
containers."invoiceplane" = {
privateNetwork = true;
hostAddress = "10.10.42.1";
localAddress = serviceAddress;
bindMounts."${containerStateDir}" = {
hostPath = hostStateDir;
isReadOnly = false;
};
config = {
config,
pkgs,
...
}: {
networking.firewall.allowedTCPPorts = [80];
services.rsyslogd.enable = true;
services.phpfpm.pools."invoiceplane-${domain}".phpOptions = ''
date.timezone = Europe/Berlin
'';
services.caddy.virtualHosts."http://${domain}".listenAddresses = ["0.0.0.0"];
services.invoiceplane.sites."${domain}" = {
enable = true;
stateDir = containerStateDir;
database = {
user = "invoiceplane";
name = "invoiceplane";
};
};
system.stateVersion = "22.11";
};
};
}