From 9ac950e8a1f9de4dee8a061a8375946c1a6f3e7a Mon Sep 17 00:00:00 2001
From: thiloho <123883702+thiloho@users.noreply.github.com>
Date: Sun, 18 Aug 2024 15:26:33 +0200
Subject: [PATCH] Use configuration options for remaining hardcoded values in module
---
 nix/demo-server/default.nix | 4 ++
 nix/module.nix | 46 ++++++++++++++-----
 .../[websiteId]/publish/+page.server.ts | 2 +-
 3 files changed, 40 insertions(+), 12 deletions(-)
diff --git a/nix/demo-server/default.nix b/nix/demo-server/default.nix
index 5a94687..86b7fe7 100644
--- a/nix/demo-server/default.nix
+++ b/nix/demo-server/default.nix
@@ -66,6 +66,10 @@
 enable = true;
 package = localArchtikaPackage;
 jwtSecret = "a42kVyAhTImYxZeebZkApoAZLmf0VtDA";
+ domain = "demo.archtika.com";
+ acmeEmail = "thilo.hohlt@tutanota.com";
+ dnsProvider = "porkbun";
+ dnsEnvironmentFile = /var/lib/porkbun.env;
 };
 system.stateVersion = "24.11";
diff --git a/nix/module.nix b/nix/module.nix
index 19d1801..e1bdb6e 100644
--- a/nix/module.nix
+++ b/nix/module.nix
@@ -50,6 +50,30 @@ in
 default = 10000;
 description = "Port on which the web application runs.";
 };
+
+ domain = mkOption {
+ type = types.str;
+ default = null;
+ description = "Domain to use for the application.";
+ };
+
+ acmeEmail = mkOption {
+ type = types.str;
+ default = null;
+ description = "Email to notify for the SSL certificate renewal process.";
+ };
+
+ dnsProvider = mkOption {
+ type = types.str;
+ default = null;
+ description = "DNS provider for the DNS-01 challenge (required for wildcard domains).";
+ };
+
+ dnsEnvironmentFile = mkOption {
+ type = types.path;
+ default = null;
+ description = "API secrets for the DNS-01 challenge (required for wildcard domains).";
+ };
 };
 config = mkIf cfg.enable {
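Review bot: `dnsEnvironmentFile = /var/lib/porkbun.env;` is a bare Nix path literal, and a path literal that is ever string-interpolated is copied into the world-readable Nix store, which is the wrong place for DNS API credentials. Whether that coercion happens depends on how the ACME module consumes the value, which this hunk does not show, so the safer spelling is the string form `dnsEnvironmentFile = "/var/lib/porkbun.env";`, which `types.path` still accepts and which stays a plain runtime reference. Separately, the unchanged `jwtSecret = "…";` line just above keeps a token-signing secret in the repository and in the store; now that a file-based secret option exists for DNS, the JWT secret deserves the same treatment.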
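Review bot: All four new options in `nix/module.nix` pair `default = null;` with a non-nullable type (`types.str`, `types.path`), so leaving one unset gives no fallback and instead fails evaluation with a type error saying null is not a string or path. Because `domain`, `acmeEmail`, `dnsProvider` and `dnsEnvironmentFile` are all consumed unconditionally once `cfg.enable` is set, removing the four `default = null;` lines makes them plainly required and yields the clearer "used but not defined" message; if they are meant to be optional, declare `types.nullOr types.str` and guard the consumers. The `dnsEnvironmentFile` description should also state where the file lives, for example `description = "Path to a file on the target host, outside the Nix store and with restrictive permissions, holding the DNS provider API credentials.";`.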
@@ -104,7 +128,7 @@ in
 };
 script = ''
- ORIGIN=https://demo.archtika.com PORT=${toString cfg.webAppPort} ${pkgs.nodejs_22}/bin/node ${cfg.package}/web-app
+ ORIGIN=https://${cfg.domain} PORT=${toString cfg.webAppPort} ${pkgs.nodejs_22}/bin/node ${cfg.package}/web-app
 '';
 };
@@ -129,8 +153,8 @@ in
 recommendedTlsSettings = true;
 virtualHosts = {
- "demo.archtika.com" = {
- useACMEHost = "demo.archtika.com";
+ "${cfg.domain}" = {
+ useACMEHost = cfg.domain;
 forceSSL = true;
 locations = {
 "/" = {
@@ -156,8 +180,8 @@ in
 };
 };
 };
- "~^(?.+)\\.demo\\.archtika\\.com$" = {
- useACMEHost = "demo.archtika.com";
+ "~^(?.+)\\.${lib.strings.escapeRegex cfg.domain}$" = {
+ useACMEHost = cfg.domain;
 forceSSL = true;
 locations = {
 "/" = {
@@ -172,12 +196,12 @@ in
 security.acme = {
 acceptTerms = true;
- defaults.email = "thilo.hohlt@tutanota.com";
- certs."demo.archtika.com" = {
- domain = "demo.archtika.com";
- extraDomainNames = ["*.demo.archtika.com"];
- dnsProvider = "porkbun";
- environmentFile = /var/lib/porkbun.env;
+ defaults.email = cfg.acmeEmail;
+ certs."${cfg.domain}" = {
+ domain = cfg.domain;
+ extraDomainNames = [ "*.${cfg.domain}" ];
+ dnsProvider = cfg.dnsProvider;
+ environmentFile = cfg.dnsEnvironmentFile;
 group = config.services.nginx.group;
 };
 };
diff --git a/web-app/src/routes/(authenticated)/website/[websiteId]/publish/+page.server.ts b/web-app/src/routes/(authenticated)/website/[websiteId]/publish/+page.server.ts
index db094c2..d9fa1e1 100644
--- a/web-app/src/routes/(authenticated)/website/[websiteId]/publish/+page.server.ts
+++ b/web-app/src/routes/(authenticated)/website/[websiteId]/publish/+page.server.ts
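Review bot: `${cfg.domain}` is spliced unquoted into the unit's shell script on the `ORIGIN=` line, so a value containing whitespace or shell metacharacters would alter the command instead of failing. The value comes from the system configuration, so this is hygiene rather than exposure, but `ORIGIN=${lib.escapeShellArg "https://${cfg.domain}"}` removes the question. The same unvalidated string is reused as nginx server name, regex fragment and certificate name in the hunks at -129, -156 and -172, so a `types.strMatching` hostname constraint on the option would cover all of them at once. The enclosing service definition starts and ends outside this hunk.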
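Review bot: The subdomain server name in the -156 hunk keeps a `.+` capture in front of the escaped domain, which matches any number of labels, while the certificate requested further down covers only `*.${cfg.domain}`, a single label. A two-level name would therefore be routed into this vhost with a certificate that does not cover it, and whatever the capture feeds in the `locations` block (outside this hunk) would receive a value containing dots. Restricting the capture to one label, `[^.]+` in place of `.+`, keeps the server name aligned with the wildcard certificate. `lib.strings.escapeRegex` targets POSIX ERE rather than nginx's PCRE; that is fine for hostname characters, but a short comment such as `# escapeRegex output is PCRE-safe for hostnames` would save the next reader the check.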
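Review bot: In the -172 hunk `security.acme.acceptTerms = true;` and `security.acme.defaults.email` are host-wide settings, and now that the module is parameterised for reuse it still sets both for whoever enables it. `defaults.email` changes the contact address for every other certificate on the machine; scoping it to this certificate with `certs."${cfg.domain}".email = cfg.acmeEmail;` avoids that. Accepting the CA's terms is better left as an explicit operator decision, for instance through an `assertions` entry that requires `config.security.acme.acceptTerms` instead of setting it here.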
@@ -78,7 +78,7 @@ const generateStaticFiles = async (websiteData: any, isPreview: boolean = true)
 logoType: websiteData.logo_type,
 logo: websiteData.logo_text,
 coverImage: article.cover_image
- ? `${API_BASE_PREFIX === "/api" ? "https://demo.archtika.com/api" : API_BASE_PREFIX}/rpc/retrieve_file?id=${article.cover_image}`
+ ? `${API_BASE_PREFIX === "/api" ? `${process.env.ORIGIN}/api` : API_BASE_PREFIX}/rpc/retrieve_file?id=${article.cover_image}`
 : "",
 publicationDate: article.publication_date,
 mainContent: md.render(article.main_content ?? ""),
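Review bot: `process.env.ORIGIN` is interpolated without a check on the `coverImage` line, so when the variable is unset the published page gets an image URL beginning with the literal text `undefined/api` and nothing fails at publish time. Read it once and fail fast, e.g. `const origin = process.env.ORIGIN;` followed by `if (!origin) throw new Error("ORIGIN is not set");`, then use `${origin}/api` in the template. `article.cover_image` also enters the query string unencoded; `encodeURIComponent(article.cover_image)` would keep a stray `&` or `#` out of the URL if the id is ever not a plain identifier. `generateStaticFiles` begins above and continues below this hunk, so the guard belongs near the top of the function rather than inside the object literal.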