RGBCube/ncc
1
Fork 0
mirror of https://github.com/RGBCube/ncc synced 2025-07-30 11:37:44 +00:00
Code Issues Activity
ncc/hosts/best/plausible/default.nix

48 lines
1.3 KiB
Nix
Raw Permalink Blame History

{ config, self, lib, ... }: let
inherit (config.networking) domain;
inherit (lib) enabled merge mkConst;
fqdn = "shekels.${domain}";
port = 8007;
in {
imports = [
(self + /modules/nginx.nix)
(self + /modules/postgresql.nix)
];
config.secrets.plausibleKey = {
file = ./key.age;
owner = "plausible";
};
config.services.postgresql.ensure = [ "plausible" ];
config.services.plausible = enabled {
server = {
disableRegistration = true; # Setting it explicitly just in case.
secretKeybaseFile = config.secrets.plausibleKey.path;
baseUrl = "https://${fqdn}";
listenAddress = "::1";
inherit port;
};
};
options.services.plausible.extraNginxConfigFor = mkConst /* nginx */ (domain: ''
proxy_set_header Accept-Encoding ""; # Substitution won't work if it is compressed.
sub_filter "</head>" '<script defer data-domain="${domain}" src="https://${fqdn}/js/script.js"></script></head>';
sub_filter_last_modified on;
sub_filter_once on;
'');
config.services.nginx.virtualHosts.${fqdn} = merge config.services.nginx.sslTemplate {
extraConfig = config.services.plausible.extraNginxConfigFor fqdn;
locations."/" = {
proxyPass = "http://[::1]:${toString port}";
proxyWebsockets = true;
};
};
}
Reference in a new issue View git blame Copy permalink