lemmy-container/lemmy-container.nix

115 lines
3.3 KiB
Nix
Raw Normal View History

2024-01-20 11:25:09 -08:00
{ config, lib, pkgs, ... }@toplevel:
with lib;
let
cfg = config.services.lemmyContainer;
lemmyImage = { ... }:
{ pkgs, ... }: {
project.name = "lemmy";
networks = {
internal_network.internal = true;
external_network.internal = false;
};
docker-compose.volumes = {
postgres-data = { };
lemmy-data = { };
};
services = {
lemmy = { pkgs, ... }: {
service = {
restart = "always";
volumes = [
"postgres-data:/var/lib/postgres/data"
"pictrs-data:/var/lib/pict-rs"
];
ports = "${toString cfg.port}:80";
networks = [ "internal_network" "internal_network" ];
};
nixos = {
useSystemd = {
boot.tmp.useTmpfs = true;
system.nssModules = mkForce [ ];
services = {
nscd.enable = false;
postgresql.enable = true;
pict-rs.enable = true;
lemmy = {
enable = true;
database.createLocally = true;
adminPasswordFile = cfg.admin-password-file;
nginx.enable = true;
settings = {
email = {
smtp_server = cfg.smtp.server;
smtp_from_address = "noreply@${cfg.hostname}";
};
hostname = cfg.hostname;
setup.site_name = cfg.site-name;
};
};
nginx = {
recommendedGzipSettings = true;
recommendedOptimisation = true;
recommendedProxySettings = true;
commonHttpConfig = ''
log_format with_response_time '$remote_addr - $remote_user [$time_local] '
'"$request" $status $body_bytes_sent '
'"$http_referer" "$http_user_agent" '
'"$request_time" "$upstream_response_time"';
access_log /var/log/nginx/access.log with_response_time;
'';
};
};
};
};
};
};
};
in {
options.services.lemmy-container = with types; {
enable = mkEnableOption "Enable Lemmy server in a Podman container.";
hostname = mkOption {
type = str;
description = "Host of the Lemmy server.";
};
port = mkOption {
type = port;
description = "Port on which to listen for requests.";
default = 1234;
};
site-name = mkOption {
type = str;
description = "Name of the Lemmy site.";
};
admin-password-file = mkOption {
type = str;
description = "Path to a file containing the administrator password.";
};
};
config = mkIf cfg.enable {
virtualisation.arion.projects.lemmy.settings = let image = lemmyImage { };
in { imports = [ image ]; };
services.nginx = {
enable = true;
virtualHosts."${cfg.hostname}" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:${toString cfg.port}/";
proxyWebsockets = true;
recommendedProxySettings = true;
};
};
};
};
}