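# NixOS module: runs HedgeDoc on a local port and publishes it through an
# nginx TLS virtual host that reuses the "gaze.systems" ACME certificate.
{ config, ... }:
let
  # Evaluated HedgeDoc settings. Reused below so the vhost name and the
  # upstream address always match what the service is configured with.
  cfg = config.services.hedgedoc.settings;
in
{
  services.hedgedoc = {
    enable = true;
    settings = {
      port = 3333;
      domain = "doc.gaze.systems";
      # TLS is terminated by nginx (see the vhost below); this tells HedgeDoc
      # to generate https:// links for itself.
      protocolUseSSL = true;

      # Access policy: no self-service e-mail sign-up and no anonymous note
      # creation. No external auth provider is configured in this file, so
      # accounts presumably have to be provisioned out of band - confirm.
      allowEmailRegister = false;
      allowAnonymous = false;
      # NOTE(review): with allowAnonymous = false this still lets note owners
      # choose the "freely" permission, so unauthenticated visitors can edit
      # those notes. Set to false if guest writes are not intended.
      allowAnonymousEdits = true;
      # Custom note URLs are allowed, but only for logged-in users.
      allowFreeURL = true;
      requireFreeURLAuthentication = true;
    };
  };

  # Add the HedgeDoc hostname as a SAN on the existing certificate instead of
  # issuing a separate one.
  security.acme.certs."gaze.systems".extraDomainNames = [ cfg.domain ];

  services.nginx.virtualHosts.${cfg.domain} = {
    useACMEHost = "gaze.systems";
    # Plain-HTTP requests are redirected to HTTPS.
    forceSSL = true;
    # NOTE(review): HTTP/3 needs UDP 443 reachable and an nginx build with
    # QUIC support; kTLS needs kernel TLS offload support. Neither is
    # configured in this file - confirm both elsewhere.
    quic = true;
    kTLS = true;
    locations."/" = {
      # cfg.host is not set above, so it takes the module default.
      # NOTE(review): confirm it is a loopback address, otherwise port 3333 is
      # reachable without TLS and without passing through nginx.
      # NOTE(review): assumes Host / X-Forwarded-* headers are forwarded
      # (e.g. services.nginx.recommendedProxySettings) - confirm.
      proxyPass = "http://${cfg.host}:${toString cfg.port}";
      # HedgeDoc's realtime editing channel (socket.io) uses WebSockets;
      # without the Upgrade headers it can only fall back to polling.
      proxyWebsockets = true;
    };
  };
}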