diff options
Diffstat (limited to '')
| -rw-r--r-- | modules/nixos/soju.nix | 30 |
1 files changed, 15 insertions, 15 deletions
diff --git a/modules/nixos/soju.nix b/modules/nixos/soju.nix index b43fbdc..ea95bb3 100644 --- a/modules/nixos/soju.nix +++ b/modules/nixos/soju.nix @@ -11,12 +11,6 @@ in { options.nixfiles.modules.soju = { enable = mkEnableOption "soju"; - protocol = mkOption { - description = "Port."; - type = with types; enum ["ircs" "irc+insecure"]; - default = "irc+insecure"; - }; - address = mkOption { description = "Address."; type = with types; str; @@ -26,7 +20,7 @@ in { port = mkOption { description = "Port."; type = with types; port; - default = 6667; + default = 6697; }; domain = mkOption { @@ -50,13 +44,17 @@ in { db = "soju"; in mkIf cfg.enable { - nixfiles.modules.postgresql = { - enable = true; - extraPostStart = [ - '' - $PSQL "${db}" -tAc 'GRANT ALL ON SCHEMA "public" TO "${db}"' - '' - ]; + nixfiles.modules = { + acme.enable = true; + nginx.enable = true; + postgresql = { + enable = true; + extraPostStart = [ + '' + $PSQL "${db}" -tAc 'GRANT ALL ON SCHEMA "public" TO "${db}"' + '' + ]; + }; }; services.postgresql = { @@ -77,7 +75,8 @@ in { ExecStart = let # https://soju.im/doc/soju.1.html configFile = pkgs.writeText "soju.conf" '' - listen ${cfg.protocol}://${cfg.address}:${toString cfg.port} + listen ircs://${cfg.address}:${toString cfg.port} + tls ${with config.certs.${cfg.domain}; "${directory}/fullchain.pem ${directory}/key.pem"} ${ with cfg.prometheus; optionalString enable @@ -100,6 +99,7 @@ in { "-config ${configFile}" ]; DynamicUser = true; + SupplementaryGroups = [config.services.nginx.group]; AmbientCapabilities = [""]; CapabilityBoundingSet = [""]; UMask = "0077"; |