kfm/niveum
1
0
Fork 0
mirror of https://github.com/kmein/niveum synced 2026-03-16 10:11:08 +01:00
Code Releases Activity
Files
a5532f1e9d08da8d761847c1bc29eec942de6e17
niveum/systems/ful/hledger.nix
Kierán Meinhardt c3db0404b3 format
2025-12-27 22:22:54 +01:00

52 lines
1.2 KiB
Nix
Raw Blame History

{
config,
pkgs,
...
}:
{
services.hledger-web = {
enable = true;
allow = "edit";
serveApi = false; # serve only the JSON API
baseUrl = "https://ledger.kmein.de";
journalFiles = [
"privat.journal"
];
};
systemd.services.hledger-backup = {
enable = false;
startAt = "hourly";
wants = [ "network-online.target" ];
wantedBy = [ "multi-user.target" ];
script = ''
${pkgs.git}/bin/git config user.name "hledger-web"
${pkgs.git}/bin/git config user.email "hledger-web@${config.networking.hostName}"
${pkgs.git}/bin/git commit -am $(date -Ih) || :
${pkgs.git}/bin/git pull --rebase
${pkgs.git}/bin/git push
'';
serviceConfig = {
User = "root";
Group = "root";
WorkingDirectory = config.services.hledger-web.stateDir;
};
};
age.secrets = {
ledger-basicAuth = {
file = ../../secrets/ledger-basicAuth.age;
owner = "nginx";
group = "nginx";
mode = "400";
};
};
services.nginx.virtualHosts."ledger.kmein.de" = {
enableACME = true;
basicAuthFile = config.age.secrets.ledger-basicAuth.path;
forceSSL = true;
locations."/".proxyPass = "http://127.0.0.1:${toString config.services.hledger-web.port}";
};
}
View Git Blame Copy Permalink