nix-home/nki-personal-do/writefreely.nix

80 lines
1.9 KiB
Nix
Raw Normal View History

2023-05-18 23:02:37 +00:00
{ config, pkgs, lib, ... }:
with lib;
let
host = "blog.dtth.ch";
port = 18074;
user = "writefreely-dtth";
in
{
imports = [ ./writefreely/module.nix ];
# traefik
cloud.traefik.hosts.writefreely-dtth = { inherit host port; };
sops.secrets."writefreely-dtth" = { owner = user; };
users.users.${user} = {
isSystemUser = true;
home = "${config.fileSystems.data.mountPoint}/writefreely-dtth";
createHome = true;
group = user;
};
users.groups.${user} = { };
nki.services.writefreely = {
inherit host user;
enable = true;
package = pkgs.unstable.writefreely;
group = user;
stateDir = "${config.fileSystems.data.mountPoint}/writefreely-dtth";
settings = {
server.port = port;
app = {
host = "https://${host}";
site_name = "DTTH Blog";
site_description = "Blogs from members of DTTH";
editor = "pad";
landing = "/read";
local_timeline = true;
default_visibility = "public";
open_registration = true;
disable_password_auth = true;
max_blogs = 5;
user_invites = "admin";
min_username_len = 3;
federation = true;
wf_modesty = true;
public_stats = true;
monetization = false;
};
"oauth.generic" = {
client_id = "rpoTTr2Wz0h4EgOSCHe0G85O8DCQDMup7JW9U9fV";
host = "https://auth.dtth.ch";
display_name = "DTTH";
token_endpoint = "/application/o/token/";
inspect_endpoint = "/application/o/userinfo/";
auth_endpoint = "/application/o/authorize/";
scope = "email openid profile";
map_user_id = "nickname";
map_username = "preferred_username";
map_display_name = "name";
allow_registration = true;
};
};
extraSettingsFile = config.sops.secrets."writefreely-dtth".path;
database.type = "sqlite3";
admin.name = "nki";
};
}