newedge/infra
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
main
infra/machines/ramus/think-greater-chiangmai.nix

137 lines
3.6 KiB
Nix
Raw Permalink Blame History

{ self, config, ... }:
let
commonSettings = {
APP_NAME = "Laravel";
APP_ENV = "local";
APP_KEY._secret = config.clan.core.vars.generators.greaterchiangmai.files.app_key.path;
APP_DEBUG = "false";
APP_URL = "http://localhost";
DB_CONNECTION = "mysql";
DB_HOST = "localhost";
DB_PORT = 3306;
DB_DATABASE = "thinkgtcm";
DB_USERNAME = "gtcm";
R2_ACCESS_KEY_ID = config.clan.core.vars.generators.greaterchiangmai-s3.files.access_key_id.value;
R2_SECRET_ACCESS_KEY._secret =
config.clan.core.vars.generators.greaterchiangmai-s3.files.secret_access_key.path;
R2_REGION = config.clan.core.vars.generators.greaterchiangmai-s3.files.region.value;
R2_BUCKET = config.clan.core.vars.generators.greaterchiangmai-s3.files.bucket.value;
R2_ENDPOINT = config.clan.core.vars.generators.greaterchiangmai-s3.files.endpoint.value;
LOG_CHANNEL = "stack";
LOG_LEVEL = "debug";
FILESYSTEM_DISK = "local";
BROADCAST_DRIVER = "log";
CACHE_DRIVER = "file";
QUEUE_CONNECTION = "sync";
SESSION_DRIVER = "file";
SESSION_LIFETIME = 120;
MEMCACHED_HOST = "127.0.0.1";
REDIS_HOST = "127.0.0.1";
REDIS_PORT = 6379;
UPLOAD_MAX_FILESIZE = "5000M";
POST_MAX_SIZE = "5000M";
TEST_LOCAL = true;
};
baseDomain = "greaterchiangmai.com";
domain = "think.${baseDomain}";
domainBackend = "think-backend.${baseDomain}";
in
{
imports = [
self.nixosModules.think-gtcm
self.nixosModules.think-backend-gtcm
];
nixpkgs.overlays = [ self.overlays.packagesOverlay ];
clan.core.vars.generators.greaterchiangmai = {
files = {
app_key = {
secret = true;
owner = config.services.think-greaterchiangmai.user;
group = config.services.think-greaterchiangmai.group;
};
};
prompts = {
app_key.persist = true;
};
script = ''
cat $prompts/app_key > $out/app_key
'';
};
clan.core.vars.generators.greaterchiangmai-s3 = {
files = {
access_key_id.secret = false;
secret_access_key = {
secret = true;
owner = config.services.think-greaterchiangmai.user;
group = config.services.think-greaterchiangmai.group;
};
endpoint.secret = false;
region.secret = false;
bucket.secret = false;
};
prompts = {
access_key_id.persist = true;
secret_access_key.persist = true;
endpoint.persist = true;
region.persist = true;
bucket.persist = true;
};
script = ''
cat $prompts/access_key_id > $out/access_key_id
cat $prompts/secret_access_key > $out/secret_access_key
cat $prompts/endpoint > $out/endpoint
cat $prompts/region > $out/region
cat $prompts/bucket > $out/bucket
'';
};
services.think-greaterchiangmai = {
enable = true;
domain = domain;
settings = commonSettings;
};
services.think-backend-greaterchiangmai = {
enable = true;
domain = domainBackend;
settings = commonSettings;
};
security.acme.certs = {
"${domain}" = {
email = config.clan.core.vars.generators.acme.files.email.value;
webroot = "/var/lib/acme/acme-challenge/${domain}";
};
"${domainBackend}" = {
email = config.clan.core.vars.generators.acme.files.email.value;
webroot = "/var/lib/acme/acme-challenge/${domainBackend}";
};
};
services.nginx.virtualHosts.${domain} = {
forceSSL = true;
useACMEHost = domain;
acmeRoot = config.security.acme.certs.${domain}.webroot;
};
services.nginx.virtualHosts.${domainBackend} = {
forceSSL = true;
useACMEHost = domainBackend;
acmeRoot = config.security.acme.certs.${domainBackend}.webroot;
};
}
Reference in New Issue View Git Blame Copy Permalink