From e97d5e715267ef8e954e51ce8fe61016aa062265 Mon Sep 17 00:00:00 2001
From: baritone <baritone@mail.spoodythe.one>
Date: Tue, 25 Mar 2025 12:09:39 +0100
Subject: [PATCH] website

---
 configuration.nix    |  7 ++-----
 services/nginx.nix   | 11 -----------
 services/website.nix | 32 ++++++++++++++++++++++++++++++++
 3 files changed, 34 insertions(+), 16 deletions(-)

diff --git a/configuration.nix b/configuration.nix
index d046f33..9cd284b 100755
--- a/configuration.nix
+++ b/configuration.nix
@@ -8,20 +8,17 @@
     ./services/nginx.nix
     ./services/openssh.nix
     ./services/forgejo.nix
-    # ./services/nextcloud.nix
-    # ./services/seafile.nix
     ./services/vaultwarden.nix
     ./services/jellyfin.nix
     ./services/website.nix
     ./services/mailserver.nix
     ./services/fail2ban.nix
-
     ./services/zed.nix # IMPORTANTE
-
     ./services/auto-torrent.nix
-
     ./services/misc.nix
 
+    ./services/website.nix
+
     ./modules/age.nix
     ./modules/git.nix
     ./modules/nix-settings.nix
diff --git a/services/nginx.nix b/services/nginx.nix
index 982020d..cc0b9ad 100755
--- a/services/nginx.nix
+++ b/services/nginx.nix
@@ -5,17 +5,6 @@
     recommendedOptimisation = true;
     recommendedProxySettings = true;
     recommendedTlsSettings = true;
-
-    virtualHosts."spoodythe.one" = {
-      forceSSL = true;
-      enableACME = true;
-      default = true;
-      locations."/" = {
-        extraConfig = ''
-          deny all;
-        '';
-      };
-    };
   };
 
   security.acme.acceptTerms = true;
diff --git a/services/website.nix b/services/website.nix
index ee3e1e0..077432b 100755
--- a/services/website.nix
+++ b/services/website.nix
@@ -5,12 +5,44 @@
 }: let
   host = "127.0.0.1";
   port = 8080;
+  user = "website-host-user";
+  uid = 1900;
 in {
   services.nginx.virtualHosts."spoodythe.one" = {
     enableACME = true;
     forceSSL = true;
+    default = true;
     locations."/" = {
       proxyPass = "http://${host}:${toString port}";
     };
   };
+
+  users.users."website-host-user" = {
+    isNormalUser = true;
+    inherit uid;
+  };
+
+  systemd.services."run-website" = {
+    description = "Service for running my website";
+    wants = ["network-online.target"];
+    wantedBy = ["multi-user.target"];
+
+    preStart = ''
+      if [ ! -d "/home/${user}/website" ]; then
+        ${pkgs.git}/bin/git clone https://gitlab.com/SpoodyTheOne/webbisitey/ "/home/${user}/website"
+      fi
+    '';
+
+    script = ''
+      cd /home/${user}/website
+      ${pkgs.git}/bin/git pull
+      ${pkgs.nix}/bin/nix run
+    '';
+
+    serviceConfig = {
+      Restart = "always";
+      User = user;
+      # WorkingDirectory = "/home/${user}/website";
+    };
+  };
 }