tlaternet-server/configuration/services/webserver.nix

48 lines
1.3 KiB
Nix
Raw Normal View History

2021-04-12 01:44:10 +01:00
{
config,
pkgs,
...
}: {
2021-12-26 19:00:59 +00:00
users = {
extraUsers.webserver = {
uid = config.ids.uids.webserver;
group = config.users.extraGroups.webserver.name;
isSystemUser = true;
description = "tlater.net web server user";
};
extraGroups.webserver = {gid = config.ids.gids.webserver;};
};
2021-04-12 01:44:10 +01:00
virtualisation.oci-containers.containers.webserver = {
image = "tlaternet/webserver";
imageFile = pkgs.dockerTools.buildImage {
name = "tlaternet/webserver";
tag = "latest";
contents = pkgs.tlaternet-webserver.webserver;
config = let
2021-12-26 19:00:59 +00:00
uid = toString config.users.extraUsers.webserver.uid;
gid = toString config.users.extraGroups.webserver.gid;
in {
Cmd = ["tlaternet-webserver"];
Volumes = {"/srv/mail" = {};};
2021-04-12 01:44:10 +01:00
Env = [
"ROCKET_PORT=3002"
2021-04-12 01:44:10 +01:00
"ROCKET_TEMPLATE_DIR=${pkgs.tlaternet-templates.templates}/browser/"
];
ExposedPorts = {"3002" = {};};
User = "${uid}:${gid}";
2021-04-12 01:44:10 +01:00
};
};
ports = ["3002:3002"];
volumes = ["tlaternet-mail:/srv/mail"];
extraOptions = [
"--hostname=tlater.net"
# Rocket 0.4 doesn't support SIGTERM anyway, so SIGKILL is the cleanest exit possible.
"--stop-signal=SIGKILL"
];
2021-04-12 01:44:10 +01:00
};
}