blob: fb12961bc8559a187545ba4d9ea4a00795244fee (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
|
{ config, pkgs, ... }:
# initially login as `admin@localhost` with the passwords `admin`
# (yes, I've changed this, this is just a note for if I forget when reading
# this in the future)
{
# so the default pretix module doesn't allow TLS foo by default, don't ask
# me why...
services.nginx.virtualHosts."tickets.emile.space" = {
forceSSL = true;
enableACME = true;
serverAliases = [ "tickets.hackoween.de" ];
};
services = {
pretix = {
enable = true;
package = pkgs.pretix;
plugins = with config.services.pretix.package.plugins; [
passbook
pages
];
user = "pretix";
group = "pretix";
gunicorn.extraArgs = [
"--name=pretix"
"--workers=4"
"--max-requests=1200"
"--max-requests-jitter=50"
"--log-level=info"
];
nginx = {
enable = true;
domain = "tickets.emile.space";
};
settings = {
pretix = {
instance_name = "tickets.emile.space";
url = "https://tickets.emile.space";
currency = "EUR";
datadir = "/var/lib/pretix";
cookie_domain = "tickets.emile.space";
trust_x_forwarded_for = "on";
trust_x_forwarded_proto = "on";
};
database = {
backend = "sqlite3";
};
mail = {
from = "tickets@emile.space";
host = "mail.emile.space";
user = "mail";
password = "${config.age.secrets.mail_password.path}";
port = 1025;
tls = "on";
ssl = "off";
};
redis = {
location = "unix://${config.services.redis.servers.pretix.unixSocket}?db=0";
sessions = true;
};
};
};
};
}
|
