alejandro-angulo/dotfiles
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Added nix-serve config

Browse source 
Could use some work, but it works for now.
This commit is contained in:
Alejandro Angulo 2023-03-24 21:04:13 -07:00
parent 4536c79c68
commit 2627bc30d5
Signed by: alejandro-angulo
GPG key ID: 75579581C74554B6
2 changed files with 57 additions and 28 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

52
modules/services/nix-serve/default.nix Normal file
View file

@ -0,0 +1,52 @@
{
options,
config,
lib,
pkgs,
format,
...
}:
with lib; let
cfg = config.aa.services.nix-serve;
in {
options.aa.services.nix-serve = with types; {
enable = mkEnableOption "nix-serve";
domain_name = mkOption {
type = str;
description = "The domain to use.";
};
subdomain_name = mkOption {
type = str;
description = "The subdomain to use.";
};
};
config = mkIf cfg.enable {
services = {
nix-serve = {
enable = true;
# TODO: Document this or automate the inital creation.
secretKeyFile = "/var/gospelCache";
};
nginx = {
enable = true;
virtualHosts = {
"${cfg.subdomain_name}.${cfg.domain_name}" = {
serverAliases = [${cfg.subdomain_name}];
locations."/".extraConfig = ''
proxy_pass http://localhost:${toString config.services.nix-serve.port};
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
'';
};
};
};
};
networking.firewall = {
allowedTCPPorts = [80];
};
};
}

33
systems/x86_64-linux/gospel/default.nix
View file

@ -27,6 +27,11 @@
apps.tmux.enable = true; apps.tmux.enable = true;
services.openssh.enable = true; services.openssh.enable = true;
services.nix-serve = {
enable = true;
domain_name = "kilonull.com";
subdomain_name = "gospel";
};
}; };
boot.binfmt.emulatedSystems = ["aarch64-linux" "armv6l-linux"]; boot.binfmt.emulatedSystems = ["aarch64-linux" "armv6l-linux"];
@ -102,34 +107,6 @@
nssmdns = true; nssmdns = true;
}; };
services.nix-serve = {
enable = true;
secretKeyFile = "/var/gospelCache";
};
services.nginx = {
enable = true;
virtualHosts = {
"gospel.kilonull.com" = {
serverAliases = ["gospel"];
locations."/".extraConfig = ''
proxy_pass http://localhost:${toString config.services.nix-serve.port};
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
'';
};
};
};
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
networking.firewall = {
allowedTCPPorts = [80];
};
# Copy the NixOS configuration file and link it from the resulting system # Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you # (/run/current-system/configuration.nix). This is useful in case you
# accidentally delete configuration.nix. # accidentally delete configuration.nix.