diff --git a/modules/services/radicle.mod.nix b/modules/services/radicle.mod.nix index 6460e7d..90f9ed2 100644 --- a/modules/services/radicle.mod.nix +++ b/modules/services/radicle.mod.nix @@ -1,44 +1,50 @@ { config, lib, - pkgs, ... }: let inherit (lib.lists) singleton; inherit (lib.modules) mkIf; inherit (lib.options) mkEnableOption; - inherit (lib.strings) toString; - port = toString 8776; - domain = "git.faukah.com"; + inherit (builtins) toString; + port = 3867; + httpd_port = 3868; + domain = "seed.faukah.com"; cfg = config.modules.system.services.radicle; in { options.modules.system.services.radicle.enable = mkEnableOption "radicle"; - config.services.radicle = mkIf cfg.enable { - enable = false; - checkConfig = true; - privateKeyFile = "/etc/ssh/ssh_host_ed25519_key"; - publicKey = "/etc/ssh/ssh_host_ed25519_key.pub"; - httpd = { + config.services = mkIf cfg.enable { + nginx = { enable = true; - listenPort = port; - listenAddress = "[::]"; - nginx = { + virtualHosts.${domain} = { addSSL = true; enableACME = true; - serverName = domain; + locations."/" = { + proxyPass = "http://localhost:${toString httpd_port}"; + }; }; }; - settings = { - node = { - alias = domain; - listen = singleton "[::]:${port}"; - externalAddresses = "${domain}:${port}"; - seedingPolicy = { - default = "block"; - scope = "all"; + radicle = { + enable = true; + checkConfig = true; + privateKeyFile = "/etc/ssh/ssh_host_ed25519_key"; + publicKey = "/etc/ssh/ssh_host_ed25519_key.pub"; + httpd = { + enable = true; + listenPort = httpd_port; + }; + settings = { + node = { + alias = domain; + listen = singleton "[::]:${toString port}"; + externalAddresses = singleton "${domain}:${toString port}"; + seedingPolicy = { + default = "block"; + scope = "all"; + }; }; }; };