sourcehut: update patch

[sourcephile-nix.git] / hosts / mermet / sourcehut.nix

diff --git a/hosts/mermet/sourcehut.nix b/hosts/mermet/sourcehut.nix
index 4ccf05f64f354fc326c346b351e3ebf471ea50c8..990d453900db87d1402adda0895a03d00102c9db 100644 (file)
--- a/hosts/mermet/sourcehut.nix
+++ b/hosts/mermet/sourcehut.nix
@@ -4,7 +4,7 @@ let
   inherit (config.services) sourcehut;
   inherit (config.users) users groups;
   inherit (config.security) gnupg;
-  domain = "hut.${networking.domain}";
+  domain = "code.${networking.domain}";
 in
 {
 security.gnupg.secrets = lib.genAttrs [
@@ -12,9 +12,13 @@ security.gnupg.secrets = lib.genAttrs [
     "sourcehut/service-key"
     "sourcehut/webhook-key"
     "sourcehut/oauth-client-secret"
-  ] (p: {
-  systemdConfig.before = [ "metasrht.service" ];
-  systemdConfig.wantedBy = [ "metasrht.service" ];
+  ] (p: let srhts = [
+    "metasrht.service"
+    "gitsrht.service"
+    "listsrht.service"
+  ]; in {
+  systemdConfig.before = srhts;
+  systemdConfig.wantedBy = srhts;
 });
 services.minio = {
   #enable = true;
@@ -37,19 +41,18 @@ services.sourcehut = {
 
   #dispatch.enable = true;
   git.enable = true;
-  #hub.enable = true;
+  hub.enable = true;
   meta.enable = true;
   meta.port = 4999;
   #man.enable = true;
   #pages.enable = true;
   #paste.enable = true;
-  #todo.enable = true;
-  lists.enable = true;
+  todo.enable = true;
+  #lists.enable = true;
 
   postgresql.enable = true;
   postfix.enable = true;
   redis.enable = true;
-  #redis.url = "redis+socket:///run/redis-sourcehut/redis.sock?virtual_host=";
   nginx.enable = true;
   nginx.virtualHost = {
     useACMEHost = networking.domain;
@@ -153,4 +156,11 @@ services.sanoid.datasets = {
     daily = 31;
   };
 };
+services.nginx = {
+  virtualHosts."~^(?<subdomain>[^.]+).hut.${networking.domain}" = {
+    forceSSL = true;
+    useACMEHost = networking.domain;
+    globalRedirect = "$subdomain.code.${networking.domain}";
+  };
+};
 }