# NixOS module: LibrePhotos frontend and backend as OCI containers, a dedicated
# Redis instance, and a reverse-proxy vhost for them.
{ config, lib, ... }:

let
  domain = "photos.giugl.io";
  backendPort = 8001;
  frontendPort = 3000;

  # The single address every upstream, published port, Redis bind and DB host
  # in this module uses. 172.17.0.1 is Docker's default bridge gateway;
  # presumably that is the container runtime's bridge here (confirm against
  # the oci-containers backend in use).
  bridgeAddr = "172.17.0.1";

  # Publishes a container port on the bridge address only, same port inside
  # and outside the container.
  publish = port: "${bridgeAddr}:${toString port}:${toString port}";
in
{
  architect.vhost.${domain} = {
    dnsInterfaces = [ "tailscale" ];

    # NOTE(review): the per-location allowLan / allow restrictions are all
    # commented out. Whether dnsInterfaces alone limits who can reach these
    # locations depends on the architect.vhost module, which is not visible
    # here; verify the effective proxy ACL.
    locations = {
      "/" = {
        host = bridgeAddr;
        port = frontendPort;
        # allowLan = true;
        # allow = [ config.architect.networks."tailscale".net ];
      };

      "~ ^/(api|media)/" = {
        host = bridgeAddr;
        port = backendPort;
        # allowLan = true;
        # allow = [ config.architect.networks."tailscale".net ];
      };

      "/ws" = {
        host = bridgeAddr;
        port = backendPort;
        proxyWebsockets = true;
        # allowLan = true;
        # allow = [ config.architect.networks."tailscale".net ];
      };
    };
  };

  # NOTE(review): protected mode is switched off and no requirePass /
  # requirePassFile is set, so this Redis accepts unauthenticated commands
  # from anything that can reach bridgeAddr:1233, including every other
  # container on the same bridge. Adding requirePassFile (with the matching
  # client setting in the backend) or a firewall rule for the port would
  # narrow that.
  services.redis.servers.librephotos = {
    enable = true;
    port = 1233;
    bind = bridgeAddr;
    extraParams = [ "--protected-mode no" ];
  };

  # NOTE(review): both images use the mutable ":latest" tag, so the code that
  # runs can change between pulls without any change to this file. Pinning a
  # version tag or an image digest makes the deployment reproducible and
  # auditable.
  virtualisation.oci-containers.containers.librephotos-front = {
    image = "reallibrephotos/librephotos-frontend:latest";
    autoStart = true;
    ports = [ (publish frontendPort) ];
  };

  virtualisation.oci-containers.containers.librephotos-back = {
    image = "reallibrephotos/librephotos:latest";
    autoStart = true;
    ports = [ (publish backendPort) ];

    # NOTE(review): everything in `environment` is a literal in this file, so
    # it lands in version control and in the world-readable Nix store.
    #  - SECRET_KEY is a short guessable constant; it looks like the
    #    application's signing key (confirm), and would then need to be long
    #    and random.
    #  - ADMIN_PASSWORD equals ADMIN_USERNAME, and DB_PASS equals DB_USER.
    #  - MAPBOX_API_KEY looks like an unfilled placeholder.
    # The container's `environmentFiles` option, pointed at a file provisioned
    # outside the store, keeps these values out of the store; the credentials
    # shown here should be rotated once moved.
    environment = {
      SECRET_KEY = "LOLOL";
      BACKEND_HOST = domain;
      ADMIN_EMAIL = "me@giugl.io";
      ADMIN_USERNAME = "giulio";
      ADMIN_PASSWORD = "giulio";
      ALLOWED_HOSTS = domain;

      DB_BACKEND = "mysql";
      DB_NAME = "librephotos";
      DB_USER = "librephotos";
      DB_PASS = "librephotos";
      DB_HOST = bridgeAddr;
      # Follows the port of the host's MySQL service instead of repeating it.
      DB_PORT = toString config.services.mysql.settings.mysqld.port;

      REDIS_HOST = bridgeAddr;
      # Follows the port of the Redis server declared in this module.
      REDIS_PORT = toString config.services.redis.servers.librephotos.port;

      MAPBOX_API_KEY = "SOME_KEY";
      WEB_CONCURRENCY = "24";
      DEBUG = "0";
    };
  };
}