# Configuration for the Amanuensis service

{ config, pkgs, ... }:

# Set up python
with pkgs;
let amanuensis-requires = python-packages: with python-packages; [
  flask flask_login flask_wtf gunicorn
];
python3-with-amanuensis-requires = python3.withPackages amanuensis-requires;
in
{
  # Create a user for the server process to run under
  users.users.amanuensis = {
    isNormalUser = true;
    group = "amanuensis";
    description = "Amanuensis server user";
    packages = [ python3-with-amanuensis-requires ];
  };
  users.groups.amanuensis = {};

  # Create the server process systemd unit
  systemd.services.amanuensis = {
    enable = true;
    description = "Amanuensis Lexicon server";
    path = [ python3-with-amanuensis-requires ];
    serviceConfig = {
      Type = "simple";
      ExecStart = "/home/amanuensis/Amanuensis/run.sh";
      Restart = "on-failure";
      User = "amanuensis";
      WorkingDirectory = "/home/amanuensis";
    };
    wantedBy = [ "multi-user.target" ];
  };

  # Configure nginx to forward to the server at the lexicon subdomain
  services.nginx.virtualHosts."lexicon.alogoulogoi.com" = {
    enableACME = true;
    forceSSL = true;
    extraConfig = ''
      access_log /var/log/nginx/access.lexicon.log;
    '';
    locations."/".extraConfig = ''
      proxy_buffering off;
      proxy_pass http://localhost:8000/;
    '';
  };
}