Rebase to flake parts #11

2026-05-29 00:08:10 -03:00
parent 6978396646
commit 9a4ed1b04b
11 changed files with 232 additions and 16 deletions
@@ -0,0 +1,56 @@
+{ config, ... }:
+let
+  secretFilePath = ../secrets.yaml;
+in
+{
+  sops.secrets."personal-website/database-password".sopsFile = secretFilePath;
+  sops.secrets."personal-website/auth-secret".sopsFile = secretFilePath;
+  sops.secrets."personal-website/oauth-discord-client-secret".sopsFile = secretFilePath;
+
+  sops.templates."personal-website-postgres.env" = {
+    content = ''
+      POSTGRES_PASSWORD=${config.sops.placeholder."personal-website/database-password"}
+      POSTGRES_USER=chiassoncloud
+      POSTGRES_DB=chiassoncloud
+    '';
+  };
+
+  sops.templates."personal-website.env" = {
+    content = ''
+      DATABASE_URL=postgresql://chiassoncloud:${config.sops.placeholder."personal-website/database-password"}@personal-website-db:5432/chiassoncloud
+      AUTH_SECRET=${config.sops.placeholder."personal-website/auth-secret"}
+      AUTH_DISCORD_SECRET=${config.sops.placeholder."personal-website/oauth-discord-client-secret"}
+    '';
+  };
+
+  services.personalWebsite = {
+    enable = true;
+
+    app = {
+      image = "ghcr.io/olivierchiasson/personal-website:main";
+      ghcr = {
+        username = "olivierchiasson";
+        passwordFile = config.sops.secrets."swiftshare/ghcr-token".path;
+      };
+
+      port = 3001;
+      authUrl = "https://chiasson.cloud";
+      publicUrl = "https://chiasson.cloud";
+      disableTelemetry = true;
+      environmentFiles = [ config.sops.templates."personal-website.env".path ];
+    };
+
+    database = {
+      user = "chiassoncloud";
+      name = "chiassoncloud";
+      environmentFiles = [ config.sops.templates."personal-website-postgres.env".path ];
+    };
+
+    auth.discord.clientId = "1400660345068191855";
+
+    umami = {
+      websiteId = "3b2f29d3-11b8-4a3b-bc76-bda3f27926d1";
+      scriptUrl = "https://analytics.chiasson.cloud/script.js";
+    };
+  };
+}