Nixos_config
/
Nginx
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Nginx/configuration.nix

153 lines
3.4 KiB
Nix
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{ config, pkgs, ... }:
{
imports =
[ # Include the results of the hardware scan.
./hardware-configuration.nix
];
# Bootloader.
boot = {
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
kernelPackages = pkgs.linuxPackages_latest;
};
networking = {
hostName = "nginx";
networkmanager.enable = true;
firewall.allowedTCPPorts = [ 80 443 ];
# firewall.allowedUDPPorts = [ ... ];
};
# Set your time zone.
time.timeZone = "Europe/Zurich";
system.autoUpgrade = {
enable = true;
allowReboot = true;
rebootWindow = {
lower = "01:00";
upper = "03:00";
};
};
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
# Configure keymap in X11
services.xserver.xkb = {
layout = "ch";
variant = "";
};
# Configure console keymap
console.keyMap = "sg";
# Define a user account. Don't forget to set a password with passwd.
users.users.tte = {
isNormalUser = true;
description = "tte";
extraGroups = [ "networkmanager" "wheel" ];
packages = with pkgs; [];
};
# Allow unfree packages
nixpkgs.config.allowUnfree = true;
nix.settings.experimental-features = [ "nix-command" "flakes" ];
# List packages installed in system profile
environment.systemPackages = with pkgs; [
vim
wget
curl
git
nginx
acme
];
# Enable the OpenSSH daemon.
services = {
openssh = {
enable = true;
# settings.PermitRootLogin = "without-password";
};
qemuGuest.enable = true;
nginx = {
enable = true;
virtualHosts = {
"git.blubb.fish" = {
addSSL = true;
enableACME = true;
locations."/".proxyPass = "http://10.0.0.24:3000/";
};
"recipe.blubb.fish" = {
addSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://10.0.0.103:8080/";
recommendedProxySettings = true;
};
};
"portal.blubb.fish" = {
listen = [{port = 8843; addr="0.0.0.0"; ssl=true;}];
addSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://10.0.0.103:8843/";
recommendedProxySettings = true;
};
};
"play.blubb.fish" = {
addSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://10.0.0.100:8080/";
recommendedProxySettings = true;
};
};
"dms.blubb.fish" = {
addSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://10.0.0.103:8000/";
recommendedProxySettings = true;
};
};
};
};
};
security.acme = {
acceptTerms = true;
defaults.email = "gentoo@blubb.fish";
};
systemd = {
timers."start-runner" = {
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar = "daily";
Persistent = true;
Unit = "start-runner.service";
};
};
services."start-runner" = {
script = ''
/root/runner/act_runner daemon &
'';
serviceConfig = {
Type = "oneshot";
User = "root";
};
};
};
# leave installation default
system.stateVersion = "24.05"; # Did you read the comment?
}
Reference in New Issue View Git Blame Copy Permalink