{ options , lib , config , pkgs , modulesPath }: let cfg = config.services.herocomics; in { options.services.herocomics = { enable = lib.mkEnableOption "Enable the herocomics service"; port = lib.mkOption { type = lib.types.int; default = 3000; description = '' The port on which herocomics-server will listen for incoming HTTP traffic. ''; }; keep = lib.mkOption { type = lib.types.path; default = "/var/lib/hero"; description = "herocomics-server database directory"; }; host = lib.mkOption { type = lib.types.package; description = "herocomics-server package to use"; }; node = lib.mkOption { type = lib.types.package; description = "herocomics-client package to use"; }; skey = lib.mkOption { type = lib.types.path; default = "/run/hero/skey"; description = "where to store the signing key"; }; domain = lib.mkOption { type = lib.types.str; default = "herocomics.app"; description = '' Domain on which to bind herocomics-server. This is passed to services.nginx.virtualHosts. directly. ''; }; }; config = lib.mkIf cfg.enable { systemd.services.herocomics = { path = [ cfg.deck ]; wantedBy = [ "multi-user.target" ]; script = '' ${cfg.deck}/bin/mmc ''; description = '' Hero Comics app server ''; serviceConfig = { KillSignal = "INT"; Environment = [ "HERO_NODE=${cfg.node}/static" "HERO_PORT=${toString cfg.port}" "HERO_KEEP=${cfg.keep}" "HERO_SKEY=/run/hero/skey" ]; Type = "simple"; Restart = "on-abort"; RestartSec = "1"; }; }; services.nginx = { enable = cfg.enable; recommendedGzipSettings = true; recommendedOptimisation = true; recommendedProxySettings = true; recommendedTlsSettings = true; virtualHosts = { "${cfg.domain}" = { forceSSL = true; enableACME = true; locations."/" = { proxyPass = "http://localhost:${toString cfg.port}"; }; }; }; }; }; }