fruitbasket/modules/decisions.nix

54 lines
1.2 KiB
Nix
Raw Normal View History

2024-02-03 20:05:52 +01:00
{ config, pkgs, ... }:
let
domain = "decisions.${config.networking.domain}";
in
{
2024-02-03 20:17:06 +01:00
sops.secrets."decisions_env" = { };
2024-02-03 20:05:52 +01:00
virtualisation.oci-containers = {
2024-02-04 13:08:14 +01:00
containers.decisions = {
2024-02-03 20:05:52 +01:00
image = "decisions";
volumes = [
"/var/lib/nextcloud/data/root/files/FSR/protokolle:/protokolle:ro"
];
2024-02-03 20:17:06 +01:00
environmentFiles = [
2024-02-22 12:20:21 +01:00
config.sops.secrets."decisions_env".path
2024-02-03 20:17:06 +01:00
];
2024-02-03 20:05:52 +01:00
extraOptions = [ "--network=host" ];
};
};
services.nginx = {
virtualHosts."${domain}" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:5055";
};
};
};
2024-02-04 13:07:41 +01:00
services.portunus.dex.oidcClients = [{
id = "decisions";
callbackURL = "https://decisions.ifsr.de/auth";
}];
2024-02-04 13:07:41 +01:00
systemd.timers."decisions-to-db" = {
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar = "01:11:00";
Unit = "decisions-to-db.service";
};
};
systemd.services."decisions-to-db" = {
script = ''
set -eu
2024-02-04 13:08:14 +01:00
${pkgs.docker}/bin/docker exec decisions python tex_to_db.py
2024-02-04 13:07:41 +01:00
'';
serviceConfig = {
Type = "oneshot";
User = "root";
};
};
2024-02-03 20:05:52 +01:00
}