46 lines
1.3 KiB
Nix
46 lines
1.3 KiB
Nix
{ inputs, pkgs, config, lib, ... }: {
|
|
imports = [
|
|
../../templates/proxmox-lxc.nix
|
|
../../server.nix
|
|
../../features/dns-cache.nix
|
|
inputs.iceshrimp.nixosModules.iceshrimp {}
|
|
];
|
|
|
|
networking.hostName = "porcelain-doll-repair";
|
|
system.stateVersion = "24.05";
|
|
nixpkgs.hostPlatform = "x86_64-linux";
|
|
|
|
sops.secrets.db_password = {
|
|
sopsFile = ../../../secrets/porcelain-doll-repair/default.yaml;
|
|
owner = config.services.iceshrimp.user;
|
|
group = config.services.iceshrimp.group;
|
|
mode = "0444";
|
|
};
|
|
|
|
sops.templates."secrets.yaml" = {
|
|
content = (builtins.toJSON {
|
|
db = {
|
|
pass = config.sops.placeholder.db_password;
|
|
};
|
|
});
|
|
owner = config.services.iceshrimp.user;
|
|
group = config.services.iceshrimp.group;
|
|
};
|
|
|
|
|
|
services.iceshrimp = {
|
|
enable = true;
|
|
package = inputs.iceshrimp-withdrawal.packages.${pkgs.system}.iceshrimp.withdrawal;
|
|
settings = {
|
|
url = "https://porcelain.doll.repair";
|
|
enableMetrics = true;
|
|
};
|
|
dbPasswordFile = config.sops.secrets.db_password.path;
|
|
createDb = true;
|
|
configureNginx.enable = false;
|
|
secretConfig = config.sops.templates."secrets.yaml".path;
|
|
};
|
|
|
|
services.postgresql.package = pkgs.postgresql_15;
|
|
services.redis.servers.iceshrimp.logfile = "stdout";
|
|
}
|