xyno/nix-configs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
nix-configs/old-conf/hosts/picard/plausible.nix
Lucy Hochkamp 83de52d5db Add 'old-conf/' from commit '62a64a79a8' 
git-subtree-dir: old-conf
git-subtree-mainline: 4667974392
git-subtree-split: 62a64a79a8
2025-11-21 13:33:06 +01:00

76 lines
3.2 KiB
Nix
Raw Blame History

{ config, lib, pkgs, ... }:
let domain = "stats.xyno.space";
in {
ragon.agenix.secrets."plausibleAdminPw" = { };
ragon.agenix.secrets."plausibleReleaseCookie" = { };
ragon.agenix.secrets."plausibleSecretKeybase" = { };
ragon.agenix.secrets."plausibleGoogleClientId" = { };
ragon.agenix.secrets."plausibleGoogleClientSecret" = { };
ragon.agenix.secrets."smtpPassword" = { };
systemd.services.plausible.serviceConfig.LoadCredential = [
"GOOGLE_CLIENT_ID:${config.age.secrets.plausibleGoogleClientId.path}"
"GOOGLE_CLIENT_SECRET:${config.age.secrets.plausibleGoogleClientSecret.path}"
];
systemd.services.plausible.environment = {
IP_GEOLOCATION_DB = "${pkgs.unstable.dbip-country-lite}/share/dbip/dbip-country-lite.mmdb";
DATABASE_URL = "postgresql:///plausible?host=/run/postgresql";
};
# systemd.services.plausible.script =
# let cfg = config.services.plausible; in lib.mkForce ''
# # Elixir does not start up if `RELEASE_COOKIE` is not set,
# # even though we set `RELEASE_DISTRIBUTION=none` so the cookie should be unused.
# # Thus, make a random one, which should then be ignored.
# export RELEASE_COOKIE=$(tr -dc A-Za-z0-9 < /dev/urandom | head -c 20)
# export ADMIN_USER_PWD="$(< $CREDENTIALS_DIRECTORY/ADMIN_USER_PWD )"
# export SECRET_KEY_BASE="$(< $CREDENTIALS_DIRECTORY/SECRET_KEY_BASE )"
# ${lib.optionalString (
# cfg.mail.smtp.passwordFile != null
# ) ''export SMTP_USER_PWD="$(< $CREDENTIALS_DIRECTORY/SMTP_USER_PWD )"''}
# echo setup
# ${lib.optionalString cfg.database.postgres.setup ''
# # setup
# ${cfg.package}/createdb.sh
# ''}
# echo migrate
# ${cfg.package}/migrate.sh
# export IP_GEOLOCATION_DB=${pkgs.dbip-country-lite}/share/dbip/dbip-country-lite.mmdb
# # ${cfg.package}/bin/plausible eval "(Plausible.Release.prepare() ; Plausible.Auth.create_user(\"$ADMIN_USER_NAME\", \"$ADMIN_USER_EMAIL\", \"$ADMIN_USER_PWD\"))"
# echo start
# exec plausible start
# '';
services.plausible = {
enable = true;
package = pkgs.unstable.plausible;
# releaseCookiePath = config.age.secrets.plausibleSecretKeybase.path;
# adminUser = {
# # activate is used to skip the email verification of the admin-user that's
# # automatically created by plausible. This is only supported if
# # postgresql is configured by the module. This is done by default, but
# # can be turned off with services.plausible.database.postgres.setup.
# activate = true;
# email = "plausible@xyno.space";
# passwordFile = config.age.secrets.plausibleAdminPw.path;
# };
server = {
baseUrl = "https://${domain}";
secretKeybaseFile = config.age.secrets.plausibleSecretKeybase.path;
};
mail.email = "plausible@hailsatan.eu";
mail.smtp = {
user = "plausible@hailsatan.eu";
passwordFile = config.age.secrets.smtpPassword.path;
hostAddr = "mail.hailsatan.eu";
hostPort = 465;
enableSSL = true;
};
};
ragon.persist.extraDirectories = [ "/var/lib/private/plausible" "/var/lib/clickhouse" ];
}
Reference in a new issue View git blame Copy permalink