chore(nginx): move mkVHost to lib
This commit is contained in:
parent
0a3c28e62e
commit
68aa9ba923
SSH key fingerprint:
SHA256:iQnIC12spf4QjWSbarmkD2No1cLMlu6TWoV7K6cYF5g
3 changed files with 30 additions and 24 deletions
|
|
@ -18,7 +18,7 @@ mkIf config.programs.ssh.enable {
|
||||||
};
|
};
|
||||||
raptus = {
|
raptus = {
|
||||||
hostname = "vps.ccnlc.eu";
|
hostname = "vps.ccnlc.eu";
|
||||||
user = "root";
|
user = "ny";
|
||||||
port = 56528;
|
port = 56528;
|
||||||
};
|
};
|
||||||
#shan = {
|
#shan = {
|
||||||
|
|
|
||||||
|
|
@ -6,6 +6,9 @@
|
||||||
pubkeys,
|
pubkeys,
|
||||||
...
|
...
|
||||||
}:
|
}:
|
||||||
|
let
|
||||||
|
inherit (lib.my) mkVHost;
|
||||||
|
in
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
(modulesPath + "/profiles/qemu-guest.nix")
|
(modulesPath + "/profiles/qemu-guest.nix")
|
||||||
|
|
@ -15,8 +18,7 @@
|
||||||
./forgejo
|
./forgejo
|
||||||
./obsidian-livesync
|
./obsidian-livesync
|
||||||
./headscale.nix
|
./headscale.nix
|
||||||
../../modules/nix
|
../../modules
|
||||||
../../modules/users/ny.nix
|
|
||||||
];
|
];
|
||||||
|
|
||||||
age.secrets = {
|
age.secrets = {
|
||||||
|
|
@ -50,25 +52,9 @@
|
||||||
recommendedProxySettings = true;
|
recommendedProxySettings = true;
|
||||||
recommendedTlsSettings = true;
|
recommendedTlsSettings = true;
|
||||||
clientMaxBodySize = "50M";
|
clientMaxBodySize = "50M";
|
||||||
virtualHosts =
|
virtualHosts = builtins.listToAttrs [
|
||||||
let
|
(mkVHost "rusty.ccnlc.eu" 8000 true)
|
||||||
mkVHost = name: port: {
|
(mkVHost "git.ccnlc.eu" 3000 true)
|
||||||
inherit name;
|
|
||||||
value = {
|
|
||||||
enableACME = true;
|
|
||||||
forceSSL = true;
|
|
||||||
locations."/" = {
|
|
||||||
proxyPass = "http://127.0.0.1:${toString port}";
|
|
||||||
extraConfig = ''
|
|
||||||
proxy_ssl_server_name on;
|
|
||||||
proxy_pass_header Authorization;'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
in
|
|
||||||
builtins.listToAttrs [
|
|
||||||
(mkVHost "rusty.ccnlc.eu" 8000)
|
|
||||||
(mkVHost "git.ccnlc.eu" 3000)
|
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
@ -87,7 +73,10 @@
|
||||||
pkgs.gitMinimal
|
pkgs.gitMinimal
|
||||||
];
|
];
|
||||||
|
|
||||||
users.users.root.openssh.authorizedKeys.keys = [ pubkeys.ny ];
|
users.users = {
|
||||||
|
root.openssh.authorizedKeys.keys = [ pubkeys.ny ];
|
||||||
|
ny.openssh.authorizedKeys.keys = [ pubkeys.ny ];
|
||||||
|
};
|
||||||
|
|
||||||
system.stateVersion = "24.11";
|
system.stateVersion = "24.11";
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -4,6 +4,9 @@
|
||||||
self,
|
self,
|
||||||
...
|
...
|
||||||
}:
|
}:
|
||||||
|
let
|
||||||
|
inherit (lib) mkIf;
|
||||||
|
in
|
||||||
{
|
{
|
||||||
|
|
||||||
# Verify the existence of a binary inside of a derivation.
|
# Verify the existence of a binary inside of a derivation.
|
||||||
|
|
@ -43,4 +46,18 @@
|
||||||
|
|
||||||
validatePath =
|
validatePath =
|
||||||
s: if (builtins.pathExists s) then (builtins.baseNameOf s) else throw "${s} does not exist";
|
s: if (builtins.pathExists s) then (builtins.baseNameOf s) else throw "${s} does not exist";
|
||||||
|
|
||||||
|
mkVHost = name: port: ssl: {
|
||||||
|
inherit name;
|
||||||
|
value = {
|
||||||
|
enableACME = ssl;
|
||||||
|
forceSSL = ssl;
|
||||||
|
locations."/" = {
|
||||||
|
proxyPass = "http://127.0.0.1:${toString port}";
|
||||||
|
extraConfig = ''
|
||||||
|
proxy_ssl_server_name on;
|
||||||
|
proxy_pass_header Authorization;'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue