hswaw
/
bitvend
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
bitvend/module.nix

91 lines
2.4 KiB
Nix
Raw Blame History

{ config, lib, pkgs, ... }:
let
inherit (lib) mkIf mkOption types;
cfg = config.services.bitvend;
bitvend = (import ./default.nix);
cfgFile = pkgs.writeText "bitvend.cfg"
''
SQLALCHEMY_DATABASE_URI = 'sqlite:///${cfg.stateDir}/bitvend.db'
SPACEAUTH_CONSUMER_KEY = '${cfg.spaceauthConsumerKey}'
SPACEAUTH_CONSUMER_SECRET = '${cfg.spaceauthConsumerSecret}'
BLOCKCYPHER_TOKEN = '${cfg.blockcypherToken}'
SECRET_KEY = '${cfg.secretKey}'
'';
in {
options.services.bitvend = {
enable = mkOption {
type = types.bool;
default = false;
description = "Whether to enable bitvend";
};
stateDir = mkOption {
type = types.path;
default = "/var/db/bitvend";
description = "Location of bitvend's config/data directory";
};
spaceauthConsumerKey = mkOption {
type = types.str;
default = "";
description = "spaceauth consumer key";
};
spaceauthConsumerSecret = mkOption {
type = types.str;
default = "";
description = "spaceauth consumer secret";
};
blockcypherToken = mkOption {
type = types.str;
default = "";
description = "blockcypher token";
};
secretKey = mkOption {
type = types.str;
default = "";
description = "blockcypher token";
};
hostName = mkOption {
type = types.str;
default = "vending.waw.hackerspace.pl";
description = "hostname";
};
};
config = mkIf cfg.enable {
systemd.services.bitvend = {
environment = {
BITVEND_SETTINGS = cfgFile;
};
wantedBy = [ "multi-user.target" ];
script = ''
${bitvend}/bin/bitvend-run.py
'';
};
systemd.tmpfiles.rules = [
"d '${cfg.stateDir}' 0750 'root' 'root' - -"
];
networking.firewall.allowedTCPPorts = [ 80 443 ];
services.nginx = {
enable = true;
appendHttpConfig = ''
proxy_cache_path /tmp/nginx-cache levels=1:2 keys_zone=qrcode_cache:10m max_size=50m inactive=60m;
'';
virtualHosts."${cfg.hostName}" = {
locations."/" = {
proxyPass = "http://127.0.0.1:5000";
};
locations."/qrcode/" = {
proxyPass = "http://127.0.0.1:5000";
extraConfig = ''
add_header X-Proxy-Cache $upstream_cache_status;
proxy_cache qrcode_cache;
'';
};
};
};
};
}
Reference in New Issue View Git Blame Copy Permalink