jakalx/nixos-config
1
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

thrall: configure hledger-web service

Browse source
This commit is contained in:
Alexander Kobjolke 2023-07-24 20:19:22 +02:00
parent c0b95af1bf
commit 3385a2362b
1 changed files with 20 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

23
hosts/thrall/default.nix
View file

@ -3,7 +3,9 @@
# and in the NixOS manual (accessible by running nixos-help). # and in the NixOS manual (accessible by running nixos-help).
{ config, pkgs, ... }: { config, pkgs, ... }:
let extIface = "ens3"; let
extIface = "ens3";
ledgerVHost = "ledger.failco.de";
in { in {
imports = [ # Include the results of the hardware scan. imports = [ # Include the results of the hardware scan.
./hardware-configuration.nix ./hardware-configuration.nix
@ -244,12 +246,14 @@ in {
}; };
# hledger # hledger
"ledger.failco.de" = { "${ledgerVHost}" = {
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
basicAuthFile = config.age.secrets.hledger-web.path; basicAuthFile = config.age.secrets.hledger-web.path;
locations."/" = { locations."/" = {
proxyPass = "http://127.0.0.1:3003/"; proxyPass = "http://${config.services.hledger-web.host}:${
toString config.services.hledger-web.port
}/";
proxyWebsockets = true; proxyWebsockets = true;
}; };
}; };
@ -291,6 +295,19 @@ in {
}; };
}; };
services.hledger-web = {
enable = true;
baseUrl = "https://${ledgerVHost}";
port = 3003;
capabilities = {
view = true;
add = true;
manage = true;
};
journalFiles = [ "current.journal" ];
extraOptions = [ "-B" "--value=then" ];
};
services.fail2ban = { services.fail2ban = {
enable = true; enable = true;
maxretry = 5; maxretry = 5;