From dd53f3b23f021a14e0edb348a33b93ae63d13aca Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Tue, 5 Sep 2023 11:12:45 +0200
Subject: [PATCH] bgt/comments.nix: initial commit

---
 2configs/bgt/comments.nix | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)
 create mode 100644 2configs/bgt/comments.nix

diff --git a/2configs/bgt/comments.nix b/2configs/bgt/comments.nix
new file mode 100644
index 0000000..e2b820a
--- /dev/null
+++ b/2configs/bgt/comments.nix
@@ -0,0 +1,26 @@
+let
+  configFile = config.sops.secrets."isso.conf".path;
+in {
+  sops.secrets."isso.conf" = {
+    owner = "isso";
+    group = "isso";
+  };
+
+  services.isso.enable = true;
+  # override the startup to allow secrets in the configFile
+  # following relevant config is inside:
+  # [general]
+  # dbpath = /var/lib/comments.db
+  # host = https://blog.binaergewitter.de
+  # listen = http://localhost:9292
+  # public-endpoint = https://comments.binaergewitter.de
+  systemd.services.isso.serviceConfig.ExecStart = "${pkgs.isso}/bin/isso -c ${configFile}" ;
+
+  services.nginx.virtualHosts."comments.binaergewitter.de" = {
+    forceSSL = true;
+    enableAcme = true;
+    useACMEHost = "download.binaergewitter.de";
+    locations."/".proxyPass = "http://localhost:9292";
+  };
+
+}