78 lines
1.8 KiB
Nix
78 lines
1.8 KiB
Nix
{
|
|
inputs,
|
|
config,
|
|
lib,
|
|
...
|
|
}:
|
|
|
|
let
|
|
cfg = config.services.headplane;
|
|
inherit (config.networking) domain;
|
|
inherit (cfg.reverseProxy) subdomain;
|
|
fqdn = if (cfg.reverseProxy.enable && subdomain != "") then "${subdomain}.${domain}" else domain;
|
|
inherit (config.services) headscale;
|
|
|
|
inherit (lib)
|
|
mkDefault
|
|
mkIf
|
|
;
|
|
|
|
inherit (lib.utils)
|
|
mkReverseProxyOption
|
|
mkVirtualHost
|
|
;
|
|
in
|
|
{
|
|
imports = [ inputs.headplane.nixosModules.headplane ];
|
|
|
|
options.services.headplane = {
|
|
reverseProxy = mkReverseProxyOption "Headplane" "hp";
|
|
};
|
|
|
|
config = mkIf cfg.enable {
|
|
nixpkgs.overlays = [
|
|
inputs.headplane.overlays.default
|
|
];
|
|
|
|
services.headplane = {
|
|
settings = {
|
|
server = {
|
|
host = mkDefault (if cfg.reverseProxy.enable then "127.0.0.1" else "0.0.0.0");
|
|
port = mkDefault 3000;
|
|
cookie_secret_path = config.sops.secrets."headplane/cookie_secret".path;
|
|
};
|
|
headscale = {
|
|
url = "http://127.0.0.1:${toString headscale.port}";
|
|
public_url = headscale.settings.server_url;
|
|
config_path = "/etc/headscale/config.yaml";
|
|
api_key_path = config.sops.secrets."headplane/api_key".path;
|
|
};
|
|
integration.agent = {
|
|
enabled = mkDefault true;
|
|
};
|
|
};
|
|
};
|
|
|
|
services.nginx.virtualHosts = mkIf cfg.reverseProxy.enable {
|
|
"${fqdn}" = mkVirtualHost {
|
|
inherit (cfg.settings.server) port;
|
|
ssl = cfg.reverseProxy.forceSSL;
|
|
};
|
|
};
|
|
|
|
sops.secrets =
|
|
let
|
|
owner = headscale.user;
|
|
inherit (headscale) group;
|
|
mode = "0400";
|
|
in
|
|
{
|
|
"headplane/cookie_secret" = {
|
|
inherit owner group mode;
|
|
};
|
|
"headplane/api_key" = {
|
|
inherit owner group mode;
|
|
};
|
|
};
|
|
};
|
|
}
|