isso setup

modules/servers/isso.nix

@@ -0,0 +1,46 @@
+{
+  lib,
+  config,
+  ...
+}:
+let
+  setup = import ../factories/mkserver.nix { inherit lib config; };
+  cfg = config.my.servers.isso;
+in
+{
+  options.my.servers.isso = setup.mkOptions "isso" "comments" 8180;
+  config = lib.mkIf (cfg.enable && config.my.secureHost) {
+    my.servers.isso.domain = "danilo-reyes.com";
+    sops.secrets.isso = {
+      sopsFile = ../../secrets/env.yaml;
+    };
+    services.isso = {
+      inherit (cfg) enable;
+      settings = {
+        guard.require-author = true;
+        server.listen = "http://${cfg.ip}:${toString cfg.port}/";
+        admin = {
+          enabled = true;
+          password = "$ISSO_ADMIN_PASSWORD";
+        };
+        general = {
+          host = cfg.url;
+          max-age = "1h";
+          notify = "smtp";
+          reply-notifications = true;
+          gravatar = true;
+        };
+        smtp = {
+          host = "smtp.gmail.com";
+          port = 587;
+          security = "starttls";
+          username = "$ISSO_SMTP_USERNAME";
+          password = "$ISSO_SMTP_PASSWORD";
+          to = config.my.email;
+          from = config.my.smtpemail;
+        };
+      };
+    };
+    systemd.services.isso.serviceConfig.EnvironmentFile = config.sops.secrets.isso.path;
+  };
+}