dotfiles/nix/modules/services/moviefeed.nix (view raw)
| 1 | { pkgs, ... }: |
| 2 | let |
| 3 | configFile = "/home/q/moviedfeed.yml"; |
| 4 | moviefeed = pkgs.buildGoModule { |
| 5 | pname = "moviefeed"; |
| 6 | version = "lol"; |
| 7 | vendorHash = "sha256-FWkYhhX/cZhF+ctgbYPhPRYcQZSLIL3zoaxqrbWZCcU="; |
| 8 | src = pkgs.fetchFromGitHub { |
| 9 | owner = "olexsmir"; |
| 10 | repo = "moviefeed"; |
| 11 | rev = "1875224"; |
| 12 | hash = "sha256-rmFLFbVQ4P2LdezM6ZGS+DI9NY4VMpXrp1p1QjB9FO0="; |
| 13 | }; |
| 14 | }; |
| 15 | in { |
| 16 | services.caddy.virtualHosts."moviefeed.olexsmir.xyz".extraConfig = '' |
| 17 | reverse_proxy localhost:8000 |
| 18 | ''; |
| 19 | |
| 20 | systemd.services.moviefeed = { |
| 21 | description = "moviefeed API server"; |
| 22 | wantedBy = [ "multi-user.target" ]; |
| 23 | after = [ "network-online.target" ]; |
| 24 | wants = [ "network-online.target" ]; |
| 25 | |
| 26 | serviceConfig = { |
| 27 | Type = "simple"; |
| 28 | User = "q"; |
| 29 | Restart = "on-failure"; |
| 30 | RestartSec = 2; |
| 31 | ExecStart = "${moviefeed}/bin/moviefeed --config ${configFile}"; |
| 32 | NoNewPrivileges = true; |
| 33 | ProtectSystem = "strict"; |
| 34 | ReadOnlyPaths = [ configFile ]; |
| 35 | }; |
| 36 | }; |
| 37 | } |