oysteikt/nix-dotfiles
oysteikt
/
nix-dotfiles
2
1
Fork 0
Code Issues Pull Requests Activity

tsuki/taskserver: (unfinished) start setting up taskserver and taskwarrior

This commit is contained in:
Oystein Kristoffer Tveit 2023-07-12 23:40:58 +02:00
parent 6c2bd3f2d5
commit 1f5832074b
Signed by: oysteikt
GPG Key ID: 9F2F7D8250F35146
2 changed files with 36 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
hosts/tsuki/configuration.nix
View File

@ -24,6 +24,7 @@
./services/pgadmin.nix ./services/pgadmin.nix
./services/plex.nix ./services/plex.nix
./services/postgres.nix ./services/postgres.nix
./services/taskserver.nix
./services/vaultwarden.nix ./services/vaultwarden.nix
./services/vscode-server.nix ./services/vscode-server.nix

35
hosts/tsuki/services/taskserver.nix Normal file
View File

@ -0,0 +1,35 @@
{ pkgs, config, secrets, ... }:
{
security.acme.certs."tasks.nani.wtf" = {
group = config.services.taskserver.group;
};
systemd.services.taskserver.serviceConfig = {
ReadOnlyPaths = config.security.acme.certs."tasks.nani.wtf".directory;
};
services.taskserver = {
enable = true;
fqdn = "todo.nani.wtf";
listenPort = secrets.ports.taskserver;
dataDir = "${config.machineVars.dataDrives.default}/var/taskserver";
organisations.h7x4 = {
groups = [ "users" ];
users = [ "h7x4" ];
};
pki.manual = let
inherit (config.security.acme.certs."tasks.nani.wtf") directory;
in {
server.key = "${directory}/key.pem";
server.cert = "${directory}/cert.pem";
ca.cert = "${directory}/chain.pem";
};
};
environment = {
systemPackages = with pkgs; [ taskserver ];
variables.TASKDDATA = config.services.taskserver.dataDir;
};
}