feat(tazjin/nixos): deploy monica on koptevo r/6360

Change-Id: Iaa74d995f3b2556673095a32ec2b718dcb2d82a4 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8849 Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su>
author: Vincent Ambo <mail@tazj.in> 2023-06-22T15·55+0300
committer: tazjin <tazjin@tvl.su> 2023-06-29T08·54+0000
commit: d356f94ef15f9f8e517cc1bcc4b997b1c60d3b63 (patch)
tree: 00b38b3568ea203a371fa52d93b25c1992c5b45c /users/tazjin/nixos/modules
parent: ab8386440735c85120a009203b72a9ff2b43aebd (diff)
1 files changed, 26 insertions, 0 deletions
diff --git a/users/tazjin/nixos/modules/monica.nix b/users/tazjin/nixos/modules/monica.nix
new file mode 100644
index 000000000000..493bffb2f986
--- /dev/null
+++ b/users/tazjin/nixos/modules/monica.nix
@@ -0,0 +1,26 @@
+# Host the Monica personal CRM software.
+{ depot, config, ... }:
+
+{
+  imports = [
+    (depot.third_party.agenix.src + "/modules/age.nix")
+  ];
+
+  age.secrets.monica-appkey = {
+    group = config.services.monica.group;
+    file = depot.users.tazjin.secrets."monica-appkey.age";
+    mode = "0440";
+  };
+
+  services.monica = {
+    enable = true;
+    hostname = "monica.tazj.in";
+    appKeyFile = "/run/agenix/monica-appkey";
+    database.createLocally = true;
+
+    nginx = {
+      enableACME = true;
+      forceSSL = true;
+    };
+  };
+}
author	Vincent Ambo <mail@tazj.in>	2023-06-22T15·55+0300
committer	tazjin <tazjin@tvl.su>	2023-06-29T08·54+0000
commit	d356f94ef15f9f8e517cc1bcc4b997b1c60d3b63 (patch)
tree	00b38b3568ea203a371fa52d93b25c1992c5b45c /users/tazjin/nixos/modules
parent	ab8386440735c85120a009203b72a9ff2b43aebd (diff)