2021-04-12 01:44:10 +01:00
|
|
|
{
|
2022-10-10 13:03:08 +01:00
|
|
|
config,
|
|
|
|
pkgs,
|
|
|
|
...
|
|
|
|
}: {
|
2021-12-26 19:00:59 +00:00
|
|
|
users = {
|
|
|
|
extraUsers.webserver = {
|
|
|
|
uid = config.ids.uids.webserver;
|
|
|
|
group = config.users.extraGroups.webserver.name;
|
|
|
|
isSystemUser = true;
|
|
|
|
description = "tlater.net web server user";
|
|
|
|
};
|
2022-10-10 13:03:08 +01:00
|
|
|
extraGroups.webserver = {gid = config.ids.gids.webserver;};
|
2021-04-19 00:39:33 +01:00
|
|
|
};
|
|
|
|
|
2021-04-12 01:44:10 +01:00
|
|
|
virtualisation.oci-containers.containers.webserver = {
|
|
|
|
image = "tlaternet/webserver";
|
|
|
|
|
|
|
|
imageFile = pkgs.dockerTools.buildImage {
|
|
|
|
name = "tlaternet/webserver";
|
|
|
|
tag = "latest";
|
|
|
|
contents = pkgs.tlaternet-webserver.webserver;
|
|
|
|
|
2021-04-19 00:39:33 +01:00
|
|
|
config = let
|
2021-12-26 19:00:59 +00:00
|
|
|
uid = toString config.users.extraUsers.webserver.uid;
|
|
|
|
gid = toString config.users.extraGroups.webserver.gid;
|
2021-04-19 00:39:33 +01:00
|
|
|
in {
|
2022-10-10 13:03:08 +01:00
|
|
|
Cmd = ["tlaternet-webserver"];
|
|
|
|
Volumes = {"/srv/mail" = {};};
|
2021-04-12 01:44:10 +01:00
|
|
|
Env = [
|
2021-04-19 00:39:33 +01:00
|
|
|
"ROCKET_PORT=3002"
|
2021-04-12 01:44:10 +01:00
|
|
|
"ROCKET_TEMPLATE_DIR=${pkgs.tlaternet-templates.templates}/browser/"
|
|
|
|
];
|
2022-10-10 13:03:08 +01:00
|
|
|
ExposedPorts = {"3002" = {};};
|
2021-04-19 00:39:33 +01:00
|
|
|
User = "${uid}:${gid}";
|
2021-04-12 01:44:10 +01:00
|
|
|
};
|
|
|
|
};
|
|
|
|
|
2022-10-10 13:03:08 +01:00
|
|
|
ports = ["3002:3002"];
|
|
|
|
volumes = ["tlaternet-mail:/srv/mail"];
|
2021-05-17 00:18:51 +01:00
|
|
|
extraOptions = [
|
|
|
|
"--hostname=tlater.net"
|
|
|
|
# Rocket 0.4 doesn't support SIGTERM anyway, so SIGKILL is the cleanest exit possible.
|
|
|
|
"--stop-signal=SIGKILL"
|
|
|
|
];
|
2021-04-12 01:44:10 +01:00
|
|
|
};
|
|
|
|
}
|