hosts/weird-row-server/pds.nix at main · wiro.world/dotfiles

wiro.world / dotfiles

yep, more dotfiles

dotfiles / hosts / weird-row-server / pds.nix

at main 894 B view raw

 1{ config
 2, ...
 3}:
 4
 5let
 6  pds-port = 3001;
 7  pds-hostname = "pds.wiro.world";
 8in
 9{
10  config = {
11    age.secrets.pds-env.file = secrets/pds-env.age;
12    services.bluesky-pds = {
13      enable = true;
14
15      settings = {
16        PDS_HOSTNAME = "pds.wiro.world";
17        PDS_PORT = pds-port;
18        # is in systemd /tmp subfolder
19        LOG_DESTINATION = "/tmp/pds.log";
20      };
21
22      environmentFiles = [
23        config.age.secrets.pds-env.path
24      ];
25    };
26
27    services.caddy = {
28      globalConfig = ''
29        on_demand_tls {
30          ask http://localhost:${toString pds-port}/tls-check
31        }
32      '';
33
34      virtualHosts.${pds-hostname} = {
35        serverAliases = [ "*.${pds-hostname}" ];
36        extraConfig = ''
37        	tls { on_demand }
38          reverse_proxy http://localhost:${toString config.services.bluesky-pds.settings.PDS_HOSTNAME}
39        '';
40      };
41    };
42  };
43}