summaryrefslogtreecommitdiff
path: root/flora/services
diff options
context:
space:
mode:
Diffstat (limited to 'flora/services')
-rw-r--r--flora/services/cgit.nix2
-rw-r--r--flora/services/hedgedoc.nix77
-rw-r--r--flora/services/surveys.nix23
3 files changed, 1 insertions, 101 deletions
diff --git a/flora/services/cgit.nix b/flora/services/cgit.nix
index f5ef52a..11c6d72 100644
--- a/flora/services/cgit.nix
+++ b/flora/services/cgit.nix
@@ -56,7 +56,7 @@ let
'';
cgit = pkgs.cgit.overrideAttrs (old: {
- patches = [./0001-main-instead-of-master-branch.patch];
+ patches = [ ./0001-main-instead-of-master-branch.patch ];
});
in
{
diff --git a/flora/services/hedgedoc.nix b/flora/services/hedgedoc.nix
deleted file mode 100644
index 038f99f..0000000
--- a/flora/services/hedgedoc.nix
+++ /dev/null
@@ -1,77 +0,0 @@
-{ config, lib, pkgs, ... }:
-let
- hedgedoc-patched = pkgs.hedgedoc.overrideAttrs (old: {
- src = pkgs.fetchgit {
- url = "https://stuebinm.eu/git/hedgedoc";
- rev = "b0f98a43381486995b99ed79e0eabb3af149dbf3";
- sha256 = "1199k5q8wampkw2ri4wgwzqgh1ff0l4kdxx9h8ywqy2f7faf922c";
- };
- });
-in
-{
- # Container containing CodiMD and its database
- # has its own internal network; needs a reverse-proxy to be reachable from the outside
- # TODO: persistent memory for pads
- containers.codimd = {
- autoStart = true;
- privateNetwork = true;
- hostAddress6 = "fd00::42:10";
- localAddress6 = "fd00::42:11";
-
- config = {config, pkgs, ... }: {
- # open CodiMD port
- networking.firewall.allowedTCPPorts = [ config.services.hedgedoc.configuration.port ];
-
- # database (postgres 11), with default database reachable for CodiMD; no imperative config needed!
- services.postgresql = {
- enable = true;
- package = pkgs.postgresql_11;
- ensureDatabases = [ "codimd" ];
- ensureUsers = [ {
- name = "hedgedoc";
- ensurePermissions = { "DATABASE codimd" = "ALL PRIVILEGES";};
- } ];
- # ugly workaround to allow CodiMD to login without password — this service has lots of options,
- # but apparently not for authentification, which even needs to be forced …
- authentication = pkgs.lib.mkForce ''
- # Generated file; do not edit!
- local all all trust
- host codimd hedgedoc ::1/18 trust
- host codimd codimd ::1/128 trust
- '';
- };
- # CodiMD itself
- services.hedgedoc = {
- enable = true;
- workDir = "/var/codimd/";
- configuration = {
- dbURL = "postgres:///codimd";
- port = 3000;
- domain = "nix.stuebinm.eu";
- urlAddPort = false;
- protocolUseSSL = true;
- allowPDFExport = true;
- host = "::";
- allowEmailRegister = false;
- allowFreeURL = true;
- uploadsPath = "/var/codimd/uploads";
- #email = false;
- };
- };
-
- systemd.services.hedgedoc.serviceConfig.ExecStart = pkgs.lib.mkForce "${hedgedoc-patched}/bin/hedgedoc";
- };
- };
-
-
- networking.firewall.allowedTCPPorts = [ 80 443 ];
-
- services.nginx.virtualHosts."nix.stuebinm.eu" = {
- locations."/" = {
- proxyPass = "http://[" + config.containers.codimd.localAddress6 + "]:3000";
- proxyWebsockets = true;
- };
- forceSSL = true;
- enableACME = true;
- };
-}
diff --git a/flora/services/surveys.nix b/flora/services/surveys.nix
deleted file mode 100644
index befa673..0000000
--- a/flora/services/surveys.nix
+++ /dev/null
@@ -1,23 +0,0 @@
-{pkgs, config, ...}:
-
-let survey = pkgs.fetchgit {
- url = "https://stuebinm.eu/git/slightly-better-surveys";
- rev = "c255269db0c739400b62d4c4041e3238b1045d22";
- sha256 = "007q6s5xc3kn3dy1zj7hc94wyn495qam2x1020br3crwgpxy3hmp";
- };
-in
-{
- services.nginx.virtualHosts."survey.stuebinm.eu" = {
- locations."/".root = survey.outPath + "/site";
- locations."/upload".proxyPass = "http://localhost:8080";
-
- enableACME = true;
- forceSSL = true;
- };
-
- services.nginx.appendHttpConfig = ''
- types {
- application/wasm wasm;
- }
- '';
-}