hosts/wolumonde/modules/webhook.disabled/default.nix at terra · ptr.pet/ark

ptr.pet / ark

nix machine / user configurations

ark / hosts / wolumonde / modules / webhook.disabled / default.nix

at terra 688 B view raw

 1{ config, tlib, ... }:
 2let
 3  domain = "webhook.gaze.systems";
 4in
 5{
 6  imports = tlib.importFolder ./.;
 7
 8  services.webhook = {
 9    enable = true;
10    urlPrefix = "";
11  };
12
13  age.secrets.webhookAuth = {
14    file = ../../../../secrets/webhookAuth.age;
15    mode = "600";
16    owner = "nginx";
17    group = "nginx";
18  };
19
20  security.acme.certs."gaze.systems".extraDomainNames = [ domain ];
21  services.nginx.virtualHosts.${domain} = {
22    useACMEHost = "gaze.systems";
23    forceSSL = true;
24    kTLS = true;
25    quic = true;
26    basicAuthFile = config.age.secrets.webhookAuth.path;
27    locations."/" = {
28      proxyPass = "http://localhost:${toString config.services.webhook.port}";
29    };
30  };
31}