sapphic.moe / flake
❄️ Dotfiles for our NixOS system configuration.
fork atom
flake / services / destiny-labeler / default.nix
at 2bafaf5ca93107f5d2f18af19b3f7e17b285988b 1.5 kB view raw
1{ config, ... }: 2 3{ 4 systemd.tmpfiles.rules = [ 5 "d /var/lib/destiny-labeler/data 0755 root root -" 6 "f /var/lib/destiny-labeler/data/cursor.txt 0644 root root -" 7 "f /var/lib/destiny-labeler/data/labels.db 0644 root root -" 8 "f /var/lib/destiny-labeler/data/labels.db-shm 0644 root root -" 9 "f /var/lib/destiny-labeler/data/labels.db-wal 0644 root root -" 10 ]; 11 12 age.secrets.destiny-labeler = { 13 file = ../../secrets/destiny-labeler.age; 14 mode = "600"; 15 }; 16 17 virtualisation.oci-containers.containers."destiny-labeler" = { 18 image = "ghcr.io/sapphosys/destiny-labeler:main"; 19 pull = "always"; 20 autoRemoveOnStop = false; 21 ports = [ "4002:4002" ]; 22 environment = { 23 DID = "did:plc:zt2oycjggn5gwdtcgphdh4tn"; 24 URL = "wss://jetstream1.us-east.bsky.network/subscribe"; 25 PORT = "4002"; 26 NODE_ENV = "production"; 27 }; 28 environmentFiles = [ config.age.secrets.destiny-labeler.path ]; 29 volumes = [ 30 "/var/lib/destiny-labeler/data/cursor.txt:/app/cursor.txt" 31 "/var/lib/destiny-labeler/data/labels.db:/app/labels.db" 32 "/var/lib/destiny-labeler/data/labels.db-shm:/app/labels.db-shm" 33 "/var/lib/destiny-labeler/data/labels.db-wal:/app/labels.db-wal" 34 ]; 35 extraOptions = [ 36 "--restart=always" 37 "--network=host" 38 ]; 39 }; 40 41 services.caddy.virtualHosts."labeler.sappho.systems" = { 42 extraConfig = '' 43 import common 44 import tls_bunny 45 reverse_proxy http://127.0.0.1:4002 46 ''; 47 }; 48}