37 lines
963 B
Nix
37 lines
963 B
Nix
{ config, ... }:
|
|
let
|
|
user = config.services.pounce.user;
|
|
|
|
# Helper template for networks
|
|
makeNetworkConfig = host: port: join: secret: {
|
|
content = ''
|
|
sasl-plain = prescientmoon:${config.sops.placeholder.${secret}}
|
|
nick = prescientmoon
|
|
host = ${host}
|
|
port = ${toString port}
|
|
join = ${join}
|
|
'';
|
|
owner = user;
|
|
};
|
|
in
|
|
{
|
|
# Generate cert
|
|
security.acme.certs."wildcard-irc.moonythm.dev" = {
|
|
group = user;
|
|
domain = "*.irc.moonythm.dev";
|
|
};
|
|
|
|
# Handle secrets using sops
|
|
sops.secrets.tilde_irc_pass.sopsFile = ../secrets.yaml;
|
|
sops.templates."pounce-tilde.cfg" = makeNetworkConfig "eu.tilde.chat" 6697 "#meta" "tilde_irc_pass";
|
|
|
|
# Configure pounce
|
|
services.pounce = {
|
|
enable = true;
|
|
externalHost = "irc.moonythm.dev";
|
|
bindHost = "irc.moonythm.dev";
|
|
certDir = "/var/lib/acme/wildcard-irc.moonythm.dev";
|
|
networks.tilde.config = config.sops.templates."pounce-tilde.cfg".path;
|
|
};
|
|
}
|