haccfiles/hosts/hainich/services/lantifa.nix

{ config, lib, pkgs, ... }:

{
  containers.lantifa = {
    autoStart = true;
    privateNetwork = true;
    hostAddress6 = "fd00::42:14";
    localAddress6 = "fd00::42:15";

    config = {config, pkgs, ... }: {
      networking.firewall.allowedTCPPorts = [ 4422 ];
      users.users.mediawiki.extraGroups = [ "keys" ];

      services.mediawiki = {
        enable = true;
        name = "LANtifa";
        database.createLocally = true;
        passwordFile = "/var/lib/mediawiki/mediawiki-password";

        virtualHost =  {
          hostName = "wiki.lantifa.org";
          listen = [ { port = 4422; } ];
          adminAddr = "admin@hacc.space";
        };
      };
    };
  };

  services.nginx.virtualHosts."wiki.lantifa.org" = {
	  locations."/".proxyPass = "http://[" + config.containers.lantifa.localAddress6 + "]:4422";
	  forceSSL = true;
	  enableACME = true;
	};
}