65 lines
1.6 KiB
Nix
65 lines
1.6 KiB
Nix
{
|
|
config,
|
|
...
|
|
}:
|
|
{
|
|
services = {
|
|
firefly-iii = {
|
|
enable = true;
|
|
dataDir = "/srv/firefly";
|
|
group = "nginx";
|
|
settings = {
|
|
# keep-sorted start
|
|
ALLOW_WEBHOOKS = "true";
|
|
APP_KEY_FILE = config.age.secrets.firefly.path;
|
|
APP_URL = "https://firefly.fi33.buzz";
|
|
DEFAULT_LANGUAGE = "en_GB";
|
|
REPORT_ERRORS_ONLINE = "false";
|
|
TRUSTED_PROXIES = "**";
|
|
TZ = "Australia/Melbourne";
|
|
# keep-sorted end
|
|
};
|
|
};
|
|
|
|
borgmatic.settings.sqlite_databases = [
|
|
{
|
|
name = "firefly";
|
|
path = "/srv/firefly/storage/database/database.sqlite";
|
|
}
|
|
];
|
|
|
|
nginx.virtualHosts."firefly.fi33.buzz" = {
|
|
forceSSL = true;
|
|
useACMEHost = "fi33.buzz";
|
|
root = "${config.services.firefly-iii.package}/public";
|
|
locations = {
|
|
"/" = {
|
|
tryFiles = "$uri $uri/ /index.php?$query_string";
|
|
index = "index.php";
|
|
extraConfig = ''
|
|
sendfile off;
|
|
'';
|
|
};
|
|
"~ \\.php$" = {
|
|
extraConfig = ''
|
|
include ${config.services.nginx.package}/conf/fastcgi_params ;
|
|
fastcgi_param SCRIPT_FILENAME $request_filename;
|
|
fastcgi_param modHeadersAvailable true; #Avoid sending the security headers twice
|
|
fastcgi_pass unix:${config.services.phpfpm.pools.firefly-iii.socket};
|
|
'';
|
|
};
|
|
};
|
|
};
|
|
};
|
|
|
|
age.secrets = {
|
|
firefly = {
|
|
file = ../../../secrets/firefly.age;
|
|
owner = "firefly-iii";
|
|
};
|
|
firefly-db = {
|
|
file = ../../../secrets/firefly-db.age;
|
|
owner = "firefly-iii";
|
|
};
|
|
};
|
|
}
|