{ ... }:
{
systemd.tmpfiles.rules = [
"f /run/agenix/nginx 0770 nginx nginx -"
];
services = {
hledger-web = {
enable = true;
host = "127.0.0.1";
port = 7777;
baseUrl = "https://ledger.bhankas.org";
stateDir = "/var/lib/hledger";
capabilities = {
view = true;
add = true;
manage = true;
};
journalFiles = [
".hledger.journal"
extraOptions = [
"--forecast"
nginx = {
virtualHosts = {
"ledger.bhankas.org" = {
addSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://127.0.0.1:7777";
proxyWebsockets = false;
extraConfig =
"proxy_set_header Host $host;\n"
+ "auth_basic \"Username and Password Required\";\n"
+ "auth_basic_user_file /run/agenix/nginx;"
;
security.acme = {
acceptTerms = true;
certs = {
email = "admin@bhankas.org";
dnsResolver = "1.1.1.1:53";
}