citadel

My dotfiles, scripts and nix configs
git clone git://jb55.com/citadel
Log | Files | Refs | README | LICENSE

default.nix (1792B)


      1 extra:
      2 { config, lib, pkgs, ... }:
      3 let
      4   port = "8989";
      5   monstercatpkgs = import <monstercatpkgs> {};
      6   payments-server = monstercatpkgs.payments-server;
      7   payments-client = monstercatpkgs.payments-client;
      8 in
      9 {
     10   services.nginx.httpConfig = lib.mkIf config.services.nginx.enable ''
     11     server {
     12       listen 80;
     13       server_name payments.zero.monster.cat;
     14       root ${payments-client}/share;
     15       index index.html;
     16 
     17       location ^~ /api/ {
     18         proxy_pass  http://localhost:${port}/;
     19         proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
     20         proxy_redirect off;
     21         proxy_buffering off;
     22         proxy_intercept_errors on;
     23         proxy_set_header        Host            $host;
     24         proxy_set_header        X-Real-IP       $remote_addr;
     25         proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
     26       }
     27 
     28       location / {
     29         try_files $uri $uri /index.html;
     30       }
     31     }
     32   '';
     33 
     34   systemd.services.payments-server = {
     35     description = "Monstercat Payments Server";
     36 
     37     wantedBy = [ "multi-user.target" ];
     38     after = [ "network.target" "redis.service" "postgresql.service" ];
     39 
     40     environment = with extra.private; {
     41       POSTGRES_USER     = "jb55";
     42       POSTGRES_PASSWORD = "";
     43       POSTGRES_HOST     = "db.zero.monster.cat";
     44       POSTGRES_DATABASE = "Monstercat";
     45       REDIS_URL         = "redis://redis.zero.monster.cat:6379";
     46       PORT              = port;
     47       AWS_ACCESS_KEY    = aws_access_key;
     48       AWS_PRIVATE_KEY   = aws_secret_key;
     49       AWS_REGION        = aws_region;
     50       AWS_BUCKET        = aws_bucket;
     51     };
     52 
     53     serviceConfig.ExecStart = "${payments-server}/bin/payments-server";
     54     serviceConfig.Restart = "always";
     55     unitConfig.OnFailure = "notify-failed@%n.service";
     56   };
     57 }