diff options
| author | Frederik Rietdijk <fridh@fridh.nl> | 2018-04-09 15:12:32 +0200 |
|---|---|---|
| committer | Frederik Rietdijk <fridh@fridh.nl> | 2018-04-09 15:12:32 +0200 |
| commit | 0aa59a08d65461149552f68c638655ed2b474510 (patch) | |
| tree | 95b176cf0459529707be2f16d6b87eb96fd4e01a /nixos/modules/services | |
| parent | 2cf343fc96b82772b9ab3700fe43eb142d100179 (diff) | |
| parent | 2ab846211c52e3d7bb26b0888c9777598e921591 (diff) | |
| download | nixlib-0aa59a08d65461149552f68c638655ed2b474510.tar nixlib-0aa59a08d65461149552f68c638655ed2b474510.tar.gz nixlib-0aa59a08d65461149552f68c638655ed2b474510.tar.bz2 nixlib-0aa59a08d65461149552f68c638655ed2b474510.tar.lz nixlib-0aa59a08d65461149552f68c638655ed2b474510.tar.xz nixlib-0aa59a08d65461149552f68c638655ed2b474510.tar.zst nixlib-0aa59a08d65461149552f68c638655ed2b474510.zip | |
Merge master into staging
Diffstat (limited to 'nixos/modules/services')
| -rw-r--r-- | nixos/modules/services/backup/duplicati.nix | 40 | ||||
| -rw-r--r-- | nixos/modules/services/web-servers/nginx/default.nix | 9 |
2 files changed, 45 insertions, 4 deletions
diff --git a/nixos/modules/services/backup/duplicati.nix b/nixos/modules/services/backup/duplicati.nix new file mode 100644 index 000000000000..9772ca4d20a7 --- /dev/null +++ b/nixos/modules/services/backup/duplicati.nix @@ -0,0 +1,40 @@ +{ config, pkgs, lib, ... }: + +with lib; + +let + cfg = config.services.duplicati; +in +{ + options = { + services.duplicati = { + enable = mkEnableOption "Duplicati"; + }; + }; + + config = mkIf cfg.enable { + environment.systemPackages = [ pkgs.duplicati ]; + + systemd.services.duplicati = { + description = "Duplicati backup"; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + User = "duplicati"; + Group = "duplicati"; + ExecStart = "${pkgs.duplicati}/bin/duplicati-server --webservice-interface=any --webservice-port=8200 --server-datafolder=/var/lib/duplicati"; + Restart = "on-failure"; + }; + }; + + users.extraUsers.duplicati = { + uid = config.ids.uids.duplicati; + home = "/var/lib/duplicati"; + createHome = true; + group = "duplicati"; + }; + users.extraGroups.duplicati.gid = config.ids.gids.duplicati; + + }; +} + diff --git a/nixos/modules/services/web-servers/nginx/default.nix b/nixos/modules/services/web-servers/nginx/default.nix index dee877f1c114..938a8a1fe334 100644 --- a/nixos/modules/services/web-servers/nginx/default.nix +++ b/nixos/modules/services/web-servers/nginx/default.nix @@ -9,15 +9,16 @@ let serverName = if vhostConfig.serverName != null then vhostConfig.serverName else vhostName; + acmeDirectory = config.security.acme.directory; in vhostConfig // { inherit serverName; } // (optionalAttrs vhostConfig.enableACME { - sslCertificate = "/var/lib/acme/${serverName}/fullchain.pem"; - sslCertificateKey = "/var/lib/acme/${serverName}/key.pem"; + sslCertificate = "${acmeDirectory}/${serverName}/fullchain.pem"; + sslCertificateKey = "${acmeDirectory}/${serverName}/key.pem"; }) // (optionalAttrs (vhostConfig.useACMEHost != null) { - sslCertificate = "/var/lib/acme/${vhostConfig.useACMEHost}/fullchain.pem"; - sslCertificateKey = "/var/lib/acme/${vhostConfig.useACMEHost}/key.pem"; + sslCertificate = "${acmeDirectory}/${vhostConfig.useACMEHost}/fullchain.pem"; + sslCertificateKey = "${acmeDirectory}/${vhostConfig.useACMEHost}/key.pem"; }) ) cfg.virtualHosts; enableIPv6 = config.networking.enableIPv6; |