fruitbasket/modules/decisions.nix

{ config, pkgs, ... }:
let
  domain = "decisions.${config.networking.domain}";
in
{
  sops.secrets."decisions_env" = { };
  virtualisation.oci-containers = {
    containers.decicions = {
      image = "decisions";
      volumes = [
        "/var/lib/nextcloud/data/root/files/FSR/protokolle:/protokolle:ro"
      ];
      environmentFiles = [
        config.sops.secrets."strukturbot_env".path
      ];
      extraOptions = [ "--network=host" ];
    };
  };

  services.nginx = {
    virtualHosts."${domain}" = {
      enableACME = true;
      forceSSL = true;
      locations."/" = {
        proxyPass = "http://127.0.0.1:5055";
      };
      extraConfig = ''
        auth_pam "LDAP Authentication Required";
        auth_pam_service_name "nginx";
      '';
    };
  };
}
decisions: init 2024-02-03 20:05:52 +01:00			`{ config, pkgs, ... }:`
			`let`
			`domain = "decisions.${config.networking.domain}";`
			`in`
			`{`
decisions: init secrets 2024-02-03 20:17:06 +01:00			`sops.secrets."decisions_env" = { };`
decisions: init 2024-02-03 20:05:52 +01:00			`virtualisation.oci-containers = {`
			`containers.decicions = {`
			`image = "decisions";`
			`volumes = [`
			`"/var/lib/nextcloud/data/root/files/FSR/protokolle:/protokolle:ro"`
			`];`
decisions: init secrets 2024-02-03 20:17:06 +01:00			`environmentFiles = [`
			`config.sops.secrets."strukturbot_env".path`
			`];`
decisions: init 2024-02-03 20:05:52 +01:00			`extraOptions = [ "--network=host" ];`
			`};`
			`};`

			`services.nginx = {`
			`virtualHosts."${domain}" = {`
			`enableACME = true;`
			`forceSSL = true;`
			`locations."/" = {`
			`proxyPass = "http://127.0.0.1:5055";`
			`};`
			`extraConfig = ''`
			`auth_pam "LDAP Authentication Required";`
			`auth_pam_service_name "nginx";`
			`'';`
			`};`
			`};`
			`}`