felixalb/pvv-nixos-config
1
0
Fork 0
mirror of https://git.pvv.ntnu.no/Drift/pvv-nixos-config.git synced 2026-06-16 01:29:14 +02:00
Code Issues Projects Releases Wiki Activity

temmie/userweb: split into more modules

Browse Source
This commit is contained in:
h7x4
2026-06-16 03:33:28 +09:00
parent 2301672a21
commit 254b1d9b14
5 changed files with 483 additions and 412 deletions
Download Patch File Download Diff File Expand all files Collapse all files
hosts/temmie/services/userweb/log-processor.nix
+5 -5
View File
@@ -1,8 +1,6 @@
{ config, lib, pkgs, values, ... }:
let
homeLetters = [ "a" "b" "c" "d" "h" "i" "j" "k" "l" "m" "z" ];
apache-log-processor = pkgs.callPackage ./apache-log-processor { };
mcfg = config.services.pvv-userweb;
in
{
sops.secrets = {
@@ -80,7 +78,7 @@ in
"+${lib.getExe pkgs.mount} --bind ${outputDir}/group /etc/group"
];
ExecStart = "${lib.getExe apache-log-processor} %i";
ExecStart = "${lib.getExe mcfg.apacheLogProcessorPackage} %i";
AmbientCapabilities = [ "CAP_SETUID" "CAP_SETGID" ];
CapabilityBoundingSet = [ "CAP_SETUID" "CAP_SETGID" ];
@@ -158,8 +156,10 @@ in
subuid: files
subgid: files
''}:/etc/nsswitch.conf"
] ++ lib.optionals mcfg.debugMode [
"/bin"
];
BindPaths = map (l: "/run/pvv-home-mounts/${l}:/home/pvv/${l}") homeLetters ++ [
BindPaths = map (l: "/run/pvv-home-mounts/${l}:/home/pvv/${l}") mcfg.homeLetters ++ [
"/var/log/httpd"
];
};