dotfiles/system/nixos/convos.nix

47 lines
1.1 KiB
Nix

{ lib, ... }:
{
systemd.tmpfiles.rules = [
"d /var/lib/convos 0755 root root"
];
virtualisation.oci-containers.containers.convos = {
image = "docker.io/convos/convos:stable";
ports = [ "192.168.42.2:3000:3000" ];
environment = {
"CONVOS_REVERSE_PROXY" = "1";
"TZ" = "Etc/UTC";
};
volumes = [
"/var/lib/convos:/data"
];
extraOptions = [
"--network=ns:/var/run/netns/wg"
"--label=com.centurylinklabs.watchtower.enable=true"
"--label=io.containers.autoupdate=registry"
];
};
systemd.services.podman-convos = {
bindsTo = [ "wg.service" ];
after = lib.mkForce [ "wg.service" ];
};
services.nginx.virtualHosts."convos.internal.kempkens.network" = {
quic = true;
http3 = true;
onlySSL = true;
useACMEHost = "internal.kempkens.network";
locations."/" = {
recommendedProxySettings = true;
proxyPass = "http://192.168.42.2:3000";
proxyWebsockets = true;
extraConfig = ''
proxy_set_header X-Request-Base "$scheme://$host/";
'';
};
};
}