infrastructure/machines/web01/plausible.nix
Tom Hubrecht 4be2f40abe feat(dgn-web): Enable module on nodes serving web content
Also remove the firewall config as it is now centralized.
2023-10-01 23:08:54 +02:00

55 lines
1.1 KiB
Nix

{ config, ... }:
let
host = "analytics.dgnum.eu";
port = 8111;
in
{
services.plausible = {
enable = true;
mail = {
email = "analytics@infra.dgnum.eu";
smtp = {
user = "web-services@infra.dgnum.eu";
passwordFile = config.age.secrets."_smtp-password-file".path;
hostPort = 465;
hostAddr = "kurisu.lahfa.xyz";
enableSSL = true;
};
};
server = {
baseUrl = "https://${host}";
inherit port;
disableRegistration = false;
secretKeybaseFile = config.age.secrets."plausible_secret-key-base-file".path;
};
releaseCookiePath = config.age.secrets."plausible_release-cookie-file".path;
adminUser = {
passwordFile = config.age.secrets."plausible_admin-user-password-file".path;
email = "tom.hubrecht@dgnum.eu";
name = "thubrecht";
activate = true;
};
};
services.nginx = {
enable = true;
virtualHosts.${host} = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:${builtins.toString port}";
};
};
};
}