forked from pub-solar/os
79 lines
2.2 KiB
Nix
79 lines
2.2 KiB
Nix
{
|
|
flake,
|
|
config,
|
|
pkgs,
|
|
lib,
|
|
...
|
|
}:
|
|
let
|
|
psCfg = config.pub-solar;
|
|
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
|
|
backupDir = "/var/lib/invoiceplane/backup";
|
|
in
|
|
{
|
|
security.acme.certs = {
|
|
"billing.faenix.eu" = { };
|
|
};
|
|
|
|
services.nginx.virtualHosts = {
|
|
"billing.faenix.eu" = {
|
|
forceSSL = true;
|
|
useACMEHost = "billing.faenix.eu";
|
|
};
|
|
};
|
|
|
|
services.invoiceplane = {
|
|
webserver = "nginx";
|
|
sites."billing.faenix.eu" = {
|
|
enable = true;
|
|
|
|
invoiceTemplates = [
|
|
flake.self.inputs.invoiceplane-template.packages.${pkgs.system}.invoiceplane-template
|
|
];
|
|
|
|
settings = {
|
|
IP_URL = "https://billing.faenix.eu";
|
|
DISABLE_SETUP = true;
|
|
SETUP_COMPLETED = true;
|
|
# Useful for debugging, logs to
|
|
# /var/lib/invoiceplane/<domain>/logs/
|
|
#ENABLE_DEBUG=true;
|
|
};
|
|
|
|
poolConfig = {
|
|
"pm" = "dynamic";
|
|
"pm.max_children" = 32;
|
|
"pm.max_requests" = 500;
|
|
"pm.max_spare_servers" = 4;
|
|
"pm.min_spare_servers" = 2;
|
|
"pm.start_servers" = 2;
|
|
"php_admin_value[date.timezone]" = "Europe/Berlin";
|
|
"php_admin_value[error_log]" = "/var/lib/invoiceplane/billing.faenix.eu/logs/php-error.log";
|
|
"php_admin_flag[display_errors]" = "off";
|
|
"php_admin_flag[log_errors]" = "on";
|
|
"catch_workers_output" = "yes";
|
|
};
|
|
};
|
|
};
|
|
|
|
systemd.tmpfiles.rules = [ "d '${backupDir}' 0700 root root - -" ];
|
|
|
|
#services.restic.backups = {
|
|
# invoiceplane = {
|
|
# paths = [
|
|
# backupDir
|
|
# "/var/lib/invoiceplane/billing.faenix.eu"
|
|
# ];
|
|
# initialize = true;
|
|
# passwordFile = config.age.secrets."restic-password".path;
|
|
# # See https://www.hosting.de/blog/verschluesselte-backups-mit-rclone-und-restic-in-nextcloud/
|
|
# repository = "rclone:cloud.pub.solar:/backups/InvoicePlane";
|
|
# backupPrepareCommand = ''
|
|
# PW=$(cat ${config.age.secrets."invoiceplane-db-password".path})
|
|
# ${pkgs.mariadb-client}/bin/mariadb-dump --all-databases --password=$PW --user=invoiceplane > "${backupDir}/mariadb-dump.sql"
|
|
# '';
|
|
# rcloneConfigFile = config.age.secrets."rclone-fae.conf".path;
|
|
# };
|
|
#};
|
|
}
|