
gram: build

> ./nixos/gram/expose.nix



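# Publish a locally running command on `domain` through a Caddy reverse proxy.
#
# Arguments:
#   command - shell text; wrapped into an executable called `name` and started
#             by the systemd unit below
#   channel - TCP port on 127.0.0.1 that Caddy forwards requests to
#   name    - names the wrapper script, the systemd unit, the activation
#             script entry and the Caddy log file
#   domain  - Caddy virtual host that fronts the service
{ command, channel, name, domain }:
{ pkgs, ... }:

let run = pkgs.writeShellScriptBin "${name}" command;
in {
  # NOTE(review): the same command is also registered as a user activation
  # script, so it is run outside the systemd unit as well. Confirm this is
  # intended and not a leftover from before the unit existed.
  system.userActivationScripts."${name}".text = command;

  # Only the proxy ports are opened. The backend port (`channel`) is reached by
  # Caddy over 127.0.0.1, so allowing it through the firewall would let clients
  # talk to the service directly, bypassing the proxy and its access log,
  # whenever the command binds to a non-loopback address.
  networking.firewall.allowedTCPPorts = [ 80 443 ];
  environment.systemPackages = [ run ];

  services.caddy = { enable = true;
    # `name` and `domain` are spliced into the Caddyfile verbatim; they are
    # assumed to be fixed values chosen by the configuration author.
    # Access logs roll at 200MiB and up to 1440 files are kept for 1440 days,
    # so size the disk (and any retention policy) accordingly.
    virtualHosts.${domain}.extraConfig = ''
    reverse_proxy 127.0.0.1:${toString channel}
    log {
      output file /var/lib/caddy/${name}.log {
        roll_size     200MiB
        roll_local_time
        roll_keep     1440
        roll_keep_for 1440d
      }
    }
    '';
  };

  systemd.services."${name}" = { enable = true;
    description = "${name}, running locally on :${toString channel} and securely proxied on ${domain}";
    wantedBy = ["multi-user.target"];
    unitConfig = { After = "local-fs.target"; Wants = "local-fs.target"; };
    # NOTE(review): no User= or sandboxing options are set, so the unit runs
    # with systemd's defaults for a system service (root). Consider a dedicated
    # user or DynamicUser if `command` does not need those privileges.
    # Type = "forking" expects the command to daemonize; TimeoutSec = 0 turns
    # off systemd's start/stop timeouts for the unit.
    serviceConfig = { ExecStart = "${run}/bin/${name}"; Type = "forking"; KillMode = "mixed"; TimeoutSec = 0; };
  };
}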