thrall: configure hledger-web service

2023-07-24 20:19:22 +02:00 · 2023-07-24 20:19:22 +02:00 · 3385a2362b
commit 3385a2362b
parent c0b95af1bf
1 changed files with 20 additions and 3 deletions
--- a/hosts/thrall/default.nix
+++ b/hosts/thrall/default.nix
@ -3,7 +3,9 @@
 # and in the NixOS manual (accessible by running ‘nixos-help’).

 { config, pkgs, ... }:
-let extIface = "ens3";
+let
+  extIface = "ens3";
+  ledgerVHost = "ledger.failco.de";
 in {
  imports = [ # Include the results of the hardware scan.
    ./hardware-configuration.nix
@ -244,12 +246,14 @@ in {
    };

    # hledger
-    "ledger.failco.de" = {
+    "${ledgerVHost}" = {
      forceSSL = true;
      enableACME = true;
      basicAuthFile = config.age.secrets.hledger-web.path;
      locations."/" = {
-        proxyPass = "http://127.0.0.1:3003/";
+        proxyPass = "http://${config.services.hledger-web.host}:${
+            toString config.services.hledger-web.port
+          }/";
        proxyWebsockets = true;
      };
    };
@ -291,6 +295,19 @@ in {
    };
  };

+  services.hledger-web = {
+    enable = true;
+    baseUrl = "https://${ledgerVHost}";
+    port = 3003;
+    capabilities = {
+      view = true;
+      add = true;
+      manage = true;
+    };
+    journalFiles = [ "current.journal" ];
+    extraOptions = [ "-B" "--value=then" ];
+  };
+
  services.fail2ban = {
    enable = true;
    maxretry = 5;