os/hosts/cube/invoiceplane.nix
2023-10-06 00:00:29 +02:00

54 lines
1.2 KiB
Nix

{ self, config, pkgs, ... }:
let
hostAddress = "10.10.42.1";
serviceAddress = "10.10.42.11";
domain = "inv.gssws.de";
hostStateDir = "/mnt/internal/invoiceplane";
containerStateDir = "/var/lib/invoiceplane";
in
{
# nginx
services.nginx.virtualHosts."${domain}" = {
forceSSL = true;
enableACME = true;
locations = {
"/" = {
proxyPass = "http://${serviceAddress}:80";
};
};
};
# invoiceplane
containers."invoiceplane" = {
privateNetwork = true;
hostAddress = "10.10.42.1";
localAddress = serviceAddress;
bindMounts."${containerStateDir}" = {
hostPath = hostStateDir;
isReadOnly = false;
};
config = { config, pkgs, ... }: {
networking.firewall.allowedTCPPorts = [ 80 ];
services.phpfpm.pools."invoiceplane-${domain}".phpOptions = ''
date.timezone = Europe/Berlin
'';
services.caddy.virtualHosts."http://${domain}".listenAddresses = [ "0.0.0.0" ];
services.invoiceplane.sites."${domain}" = {
enable = true;
stateDir = containerStateDir;
database = {
user = "invoiceplane";
name = "invoiceplane";
};
};
};
};
}