modules/blog.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37

{ config, lib, inputs, pkgs, ... }: with lib; let
  cfg = config.santi-modules.services.blog;
  blog = pkgs.stdenv.mkDerivation {
    name="hugo-blog";
    src = inputs.blog;
    buildInputs = [ pkgs.hugo ];
    buildPhase = ''
      mkdir $out
      hugo --destination $out
    '';
  };
in {
  options.santi-modules.services.blog = {
    enable = mkEnableOption "Enable blog hosting";
    url = mkOption {
      type = types.str;
      default = "santi.net.br";
      description = "Url to serve blog on";
    };
  };
  config = mkIf cfg.enable {
    networking.firewall.allowedTCPPorts = [ 80 443 ];
    # TODO: enable SSL
    services.nginx = {
      enable = true;
      virtualHosts.${cfg.url} = {
        addSSL = true;
        enableACME = true;
        root = blog;
      };
    };
    security.acme = {
      acceptTerms = true;
      certs.${cfg.url}.email = "[email protected]";
    };
  };
}