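# NixOS module preset: runs pgweb (a Postgres web UI) as a systemd service and
# publishes it through Caddy behind HTTP basic authentication.
#
# Exposure summary for reviewers:
#   * the hostname is registered with Cloudflare dynamic DNS, so the UI is
#     presumably reachable from the internet - confirm against the Caddy and
#     firewall presets;
#   * the only access control visible in this file is the Caddy basic-auth
#     handler below;
#   * pgweb itself connects over the local Unix socket as the `postgres` OS user.
{
  config,
  pkgs,
  lib,
  ...
}:

let
  inherit (config.nmasur.settings) username hostnames;
  cfg = config.nmasur.presets.services.pgweb;
in

{

  options.nmasur.presets.services.pgweb = {
    enable = lib.mkEnableOption "Postgres web UI";
    port = lib.mkOption {
      type = lib.types.port;
      description = "Port to use for the localhost";
      default = 8081;
    };
  };

  config = lib.mkIf cfg.enable {

    systemd.services.pgweb = {
      description = "Postgres web UI";
      after = [
        "postgresql.target"
      ];
      # requires = [ "pgweb-secret.service" ];
      wantedBy = [ "multi-user.target" ];
      serviceConfig = {
        Type = "simple";
        DynamicUser = false;
        # NOTE(review): running as the `postgres` OS user over the Unix socket
        # presumably maps (via peer authentication) to the database superuser
        # role, so anyone who passes basic auth gets superuser SQL. Consider a
        # dedicated low-privilege role, or pgweb's --readonly flag if write
        # access is not needed.
        User = "postgres";
        Group = "postgres";
        StateDirectory = "pgweb";
        # NOTE(review): no systemd sandboxing is set on this unit; options such
        # as NoNewPrivileges, ProtectSystem and PrivateTmp are worth testing.
        ExecStart =
          let
            args = [
              "--url postgres:///hippocampus?host=/run/postgresql"
              # Keep the listener on loopback so Caddy is the only way in
              # (this is also pgweb's default bind host, stated explicitly).
              "--bind localhost"
              # Listen on the same port that the Caddy upstream dials below.
              # Previously cfg.port was only used by Caddy, so overriding the
              # option sent the proxy to a port pgweb was not listening on.
              "--listen ${toString cfg.port}"
            ];
          in
          "${lib.getExe pkgs.pgweb} ${toString args}";
      };
    };

    # Allow web traffic to Caddy
    nmasur.presets.services.caddy.routes = [
      {
        match = [ { host = [ hostnames.postgresql ]; } ];
        handle = [
          {
            handler = "authentication";
            providers = {
              http_basic = {
                hash = {
                  algorithm = "bcrypt";
                };
                accounts = [
                  {
                    username = username;
                    # NOTE(review): this bcrypt hash (cost 14) is committed to
                    # the repository and is copied into the world-readable Nix
                    # store, so it is open to offline guessing by anyone who
                    # can read either. Prefer supplying it from a secret store
                    # and rotating the password this hash was derived from.
                    password = "$2a$14$dtzWBh7ZDNgqFIJTJO7Rxe15Y189agBiWKZFJbs4sZz7QhqGQAwJS";
                  }
                ];
              };
            };
          }
          {
            handler = "reverse_proxy";
            upstreams = [ { dial = "localhost:${builtins.toString cfg.port}"; } ];
          }
        ];
      }
    ];

    # Configure Cloudflare DNS to point to this machine
    services.cloudflare-dyndns.domains = [ hostnames.postgresql ];

  };
}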