enable soju

This commit is contained in:
Motiejus Jakštys 2023-08-22 14:28:59 +03:00
parent c4bd57c47d
commit 2e1af09789

View File

@ -223,6 +223,17 @@
"jakstys.lt.".data = myData.jakstysLTZone;
};
};
soju = {
enable = true;
listen = [":${toString myData.ports.soju}"];
tlsCertificate = "/run/soju/cert.pem";
tlsCertificateKey = "/run/soju/key.pem";
hostName = "irc.jakstys.lt";
extraConfig = ''
message-store db;
'';
};
};
systemd.services = {
@ -238,6 +249,25 @@
wants = ["nsd-acme-grafana.jakstys.lt.service"];
};
soju = let
acme = config.mj.services.nsd-acme.zones."irc.jakstys.lt";
in {
unitConfig.ConditionPathExists = [acme.certFile acme.keyFile];
serviceConfig = {
RuntimeDirectory = "soju";
LoadCredential = [
"irc.jakstys.lt-cert.pem:${acme.certFile}"
"irc.jakstys.lt-key.pem:${acme.keyFile}"
];
};
preStart = ''
ln -sf $CREDENTIALS_DIRECTORY/irc.jakstys.lt-cert.pem /run/soju/cert.pem
ln -sf $CREDENTIALS_DIRECTORY/irc.jakstys.lt-key.pem /run/soju/key.pem
'';
after = ["nsd-acme-irc.jakstys.lt.service"];
wants = ["nsd-acme-irc.jakstys.lt.service"];
};
grafana = {
preStart = "ln -sf $CREDENTIALS_DIRECTORY/oidc /run/grafana/oidc-secret";
serviceConfig = {