updated hades nginx config
parent
374f3b9113
commit
7b1ebe5c85
165
flake.lock
165
flake.lock
|
@ -528,6 +528,24 @@
|
|||
"inputs": {
|
||||
"systems": "systems_5"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1701680307,
|
||||
"narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "4022d587cbbfd70fe950c1e2083a02621806a725",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-utils_7": {
|
||||
"inputs": {
|
||||
"systems": "systems_6"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1685518550,
|
||||
"narHash": "sha256-o2d0KcvaXzTrPRIo0kOLV0/QXHhDQ5DTi+OxcjO8xqY=",
|
||||
|
@ -542,7 +560,7 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-utils_7": {
|
||||
"flake-utils_8": {
|
||||
"locked": {
|
||||
"lastModified": 1678901627,
|
||||
"narHash": "sha256-U02riOqrKKzwjsxc/400XnElV+UtPUQWpANPlyazjH0=",
|
||||
|
@ -556,9 +574,9 @@
|
|||
"type": "indirect"
|
||||
}
|
||||
},
|
||||
"flake-utils_8": {
|
||||
"flake-utils_9": {
|
||||
"inputs": {
|
||||
"systems": "systems_7"
|
||||
"systems": "systems_8"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1681202837,
|
||||
|
@ -692,11 +710,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1703155327,
|
||||
"narHash": "sha256-Q25AEghhhOp+ImNN4PsAExi7DIB1INMlBSaggGz7q4w=",
|
||||
"lastModified": 1703265279,
|
||||
"narHash": "sha256-5jVtOwyMH1FzclxHrsFWzBdB+VyjUUSu1wyZhZlR6WU=",
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"rev": "8b797c8eea1eba7dfb47f6964103e6e0d134255f",
|
||||
"rev": "07c322a7cff03267fd881adae1afe63367c5d608",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -787,6 +805,25 @@
|
|||
"type": "gitlab"
|
||||
}
|
||||
},
|
||||
"microvm": {
|
||||
"inputs": {
|
||||
"flake-utils": "flake-utils_5",
|
||||
"nixpkgs": "nixpkgs_5"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1703300511,
|
||||
"narHash": "sha256-lU0sFmNcLTZBDJyeckW5oXtypA62XFZUGFMyGne9EYA=",
|
||||
"owner": "astro",
|
||||
"repo": "microvm.nix",
|
||||
"rev": "fa93cd958b42da4657a47f034af9641349d1c7cb",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "astro",
|
||||
"repo": "microvm.nix",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"naersk": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
|
@ -833,7 +870,7 @@
|
|||
"nix": {
|
||||
"inputs": {
|
||||
"lowdown-src": "lowdown-src",
|
||||
"nixpkgs": "nixpkgs_8",
|
||||
"nixpkgs": "nixpkgs_9",
|
||||
"nixpkgs-regression": "nixpkgs-regression"
|
||||
},
|
||||
"locked": {
|
||||
|
@ -1045,6 +1082,22 @@
|
|||
}
|
||||
},
|
||||
"nixpkgs_10": {
|
||||
"locked": {
|
||||
"lastModified": 1696165369,
|
||||
"narHash": "sha256-pd1cjFHCoEf9q5f9B0HhlOwwpBI9RP3HbUE6xjI7wAI=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "d7186d62bb68fac3c90f1d95515e613ef299e992",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "nixpkgs-unstable",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs_11": {
|
||||
"locked": {
|
||||
"lastModified": 1682526928,
|
||||
"narHash": "sha256-2cKh4O6t1rQ8Ok+v16URynmb0rV7oZPEbXkU0owNLQs=",
|
||||
|
@ -1060,7 +1113,7 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs_11": {
|
||||
"nixpkgs_12": {
|
||||
"locked": {
|
||||
"lastModified": 1670507980,
|
||||
"narHash": "sha256-riNZa0xzM1it3pzxciwALeMs+0CsBMWIW2FqulzK8vM=",
|
||||
|
@ -1125,20 +1178,36 @@
|
|||
},
|
||||
"nixpkgs_5": {
|
||||
"locked": {
|
||||
"lastModified": 1703013332,
|
||||
"narHash": "sha256-+tFNwMvlXLbJZXiMHqYq77z/RfmpfpiI3yjL6o/Zo9M=",
|
||||
"lastModified": 1702312524,
|
||||
"narHash": "sha256-gkZJRDBUCpTPBvQk25G0B7vfbpEYM5s5OZqghkjZsnE=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "a9bf124c46ef298113270b1f84a164865987a91c",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nixos",
|
||||
"ref": "nixos-unstable",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs_6": {
|
||||
"locked": {
|
||||
"lastModified": 1703213509,
|
||||
"narHash": "sha256-BDVzvjPwKk4/yvdCNzjmm1wlDf7Pdbhsf+hV2ybKkrY=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "54aac082a4d9bb5bbc5c4e899603abfb76a3f6d6",
|
||||
"rev": "bc3575c6cda0c5fc9e322c05d97df6a787066b3e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"id": "nixpkgs",
|
||||
"ref": "nixos-unstable",
|
||||
"ref": "nixos-unstable-small",
|
||||
"type": "indirect"
|
||||
}
|
||||
},
|
||||
"nixpkgs_6": {
|
||||
"nixpkgs_7": {
|
||||
"locked": {
|
||||
"lastModified": 1702830618,
|
||||
"narHash": "sha256-lvhwIvRwhOLgzbRuYkqHy4M5cQHYs4ktL6/hyuBS6II=",
|
||||
|
@ -1154,7 +1223,7 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs_7": {
|
||||
"nixpkgs_8": {
|
||||
"locked": {
|
||||
"lastModified": 1686736559,
|
||||
"narHash": "sha256-YyUSVoOKIDAscTx7IZhF9x3qgZ9dPNF19fKk+4c5irc=",
|
||||
|
@ -1170,7 +1239,7 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs_8": {
|
||||
"nixpkgs_9": {
|
||||
"locked": {
|
||||
"lastModified": 1645296114,
|
||||
"narHash": "sha256-y53N7TyIkXsjMpOG7RhvqJFGDacLs9HlyHeSTBioqYU=",
|
||||
|
@ -1186,22 +1255,6 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs_9": {
|
||||
"locked": {
|
||||
"lastModified": 1696165369,
|
||||
"narHash": "sha256-pd1cjFHCoEf9q5f9B0HhlOwwpBI9RP3HbUE6xjI7wAI=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "d7186d62bb68fac3c90f1d95515e613ef299e992",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "nixpkgs-unstable",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs_stable": {
|
||||
"locked": {
|
||||
"lastModified": 1703034876,
|
||||
|
@ -1219,16 +1272,16 @@
|
|||
},
|
||||
"nixvim": {
|
||||
"inputs": {
|
||||
"flake-utils": "flake-utils_5",
|
||||
"nixpkgs": "nixpkgs_6",
|
||||
"flake-utils": "flake-utils_6",
|
||||
"nixpkgs": "nixpkgs_7",
|
||||
"pre-commit-hooks": "pre-commit-hooks"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1703185304,
|
||||
"narHash": "sha256-CKsV786NBB8fuls4vyKGTfOz9bkpAn2lh8PKL8YLZ+M=",
|
||||
"lastModified": 1703260550,
|
||||
"narHash": "sha256-wPe+0oCgzvf9Ixscme+NUS4iRX0n/alJvt3msnu9vPA=",
|
||||
"owner": "pta2002",
|
||||
"repo": "nixvim",
|
||||
"rev": "43d20e833267ffd026af692060fb344960930fe1",
|
||||
"rev": "e0521dde87825e4ed16e1ac5b6df9f1b7e60af05",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -1239,11 +1292,11 @@
|
|||
},
|
||||
"nur": {
|
||||
"locked": {
|
||||
"lastModified": 1703184342,
|
||||
"narHash": "sha256-Ofp7blG/cJUeQfi6ZjJeHVCSEmtdUhGaJLFKvxbTKW0=",
|
||||
"lastModified": 1703324764,
|
||||
"narHash": "sha256-c5ll8NFOSg+vMvJVDBds/iXNp25VhkSUcmB7jaeV5FM=",
|
||||
"owner": "nix-community",
|
||||
"repo": "NUR",
|
||||
"rev": "35e7e80e378aedb2b4fc5ae0f560fc395b5653e3",
|
||||
"rev": "8c88bc919c49528c4cc9a65501406cecb74361b7",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -1272,7 +1325,7 @@
|
|||
"pre-commit-hooks": {
|
||||
"inputs": {
|
||||
"flake-compat": "flake-compat_6",
|
||||
"flake-utils": "flake-utils_6",
|
||||
"flake-utils": "flake-utils_7",
|
||||
"gitignore": "gitignore_2",
|
||||
"nixpkgs": [
|
||||
"nixvim",
|
||||
|
@ -1356,7 +1409,7 @@
|
|||
"inputs": {
|
||||
"fenix": "fenix",
|
||||
"naersk": "naersk_2",
|
||||
"nixpkgs": "nixpkgs_7"
|
||||
"nixpkgs": "nixpkgs_8"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1690193312,
|
||||
|
@ -1381,9 +1434,10 @@
|
|||
"home-manager": "home-manager",
|
||||
"lanzaboote": "lanzaboote",
|
||||
"mailserver": "mailserver",
|
||||
"microvm": "microvm",
|
||||
"nixos-generators": "nixos-generators",
|
||||
"nixos-hardware": "nixos-hardware",
|
||||
"nixpkgs": "nixpkgs_5",
|
||||
"nixpkgs": "nixpkgs_6",
|
||||
"nixpkgs_stable": "nixpkgs_stable",
|
||||
"nixvim": "nixvim",
|
||||
"nur": "nur",
|
||||
|
@ -1573,6 +1627,21 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"systems_8": {
|
||||
"locked": {
|
||||
"lastModified": 1681028828,
|
||||
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"utils": {
|
||||
"inputs": {
|
||||
"systems": "systems"
|
||||
|
@ -1608,7 +1677,7 @@
|
|||
},
|
||||
"utils_3": {
|
||||
"inputs": {
|
||||
"systems": "systems_6"
|
||||
"systems": "systems_7"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1694529238,
|
||||
|
@ -1627,9 +1696,9 @@
|
|||
"vault-secrets": {
|
||||
"inputs": {
|
||||
"flake-compat": "flake-compat_7",
|
||||
"flake-utils": "flake-utils_7",
|
||||
"flake-utils": "flake-utils_8",
|
||||
"nix": "nix",
|
||||
"nixpkgs": "nixpkgs_9",
|
||||
"nixpkgs": "nixpkgs_10",
|
||||
"utils": "utils_3"
|
||||
},
|
||||
"locked": {
|
||||
|
@ -1648,8 +1717,8 @@
|
|||
},
|
||||
"vault-unseal": {
|
||||
"inputs": {
|
||||
"flake-utils": "flake-utils_8",
|
||||
"nixpkgs": "nixpkgs_10"
|
||||
"flake-utils": "flake-utils_9",
|
||||
"nixpkgs": "nixpkgs_11"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1683013874,
|
||||
|
@ -1668,7 +1737,7 @@
|
|||
"webcord": {
|
||||
"inputs": {
|
||||
"dream2nix": "dream2nix",
|
||||
"nixpkgs": "nixpkgs_11",
|
||||
"nixpkgs": "nixpkgs_12",
|
||||
"webcord": "webcord_2"
|
||||
},
|
||||
"locked": {
|
||||
|
|
|
@ -5,12 +5,14 @@
|
|||
# * https://github.com/Infinidoge/nix-minecraft
|
||||
|
||||
inputs = {
|
||||
nixpkgs.url = "nixpkgs/nixos-unstable";
|
||||
nixpkgs.url = "nixpkgs/nixos-unstable-small";
|
||||
nixpkgs_stable.url = "nixpkgs/nixos-23.05";
|
||||
nur.url = "github:nix-community/NUR";
|
||||
colmena.url = "github:zhaofengli/colmena";
|
||||
vault-secrets.url = "github:serokell/vault-secrets";
|
||||
|
||||
microvm.url = "github:astro/microvm.nix";
|
||||
|
||||
home-manager.url = "github:nix-community/home-manager";
|
||||
home-manager.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
|
@ -52,6 +54,7 @@
|
|||
, nixos-generators
|
||||
, nur
|
||||
, attic
|
||||
, microvm
|
||||
, ...
|
||||
}@inputs:
|
||||
let
|
||||
|
|
|
@ -46,7 +46,7 @@
|
|||
"https://nix-community.cachix.org"
|
||||
"https://nixpkgs-review-bot.cachix.org"
|
||||
"https://colmena.cachix.org"
|
||||
"https://cache.garnix.io"
|
||||
# "https://cache.garnix.io"
|
||||
"https://cachix.cachix.org"
|
||||
];
|
||||
trusted-public-keys = [
|
||||
|
@ -54,7 +54,7 @@
|
|||
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
|
||||
"nixpkgs-review-bot.cachix.org-1:eppgiDjPk7Hkzzz7XlUesk3rcEHqNDozGOrcLc8IqwE="
|
||||
"colmena.cachix.org-1:7BzpDnjjH8ki2CT3f6GdOk7QAzPOl+1t3LvTLXqYcSg="
|
||||
"cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g="
|
||||
# "cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g="
|
||||
];
|
||||
};
|
||||
optimise = {
|
||||
|
|
|
@ -35,10 +35,18 @@
|
|||
"overseerr" = {
|
||||
ip = "192.168.0.105";
|
||||
mac = "8E:21:7F:88:3A:83";
|
||||
exposes.requests = {
|
||||
domain = "requests.xirion.net";
|
||||
port = 5055;
|
||||
};
|
||||
};
|
||||
"tautulli" = {
|
||||
ip = "192.168.0.106";
|
||||
mac = "BE:30:DB:F8:C6:55";
|
||||
exposes.tautulli = {
|
||||
domain = "tautulli.xirion.net";
|
||||
port = 8080;
|
||||
};
|
||||
};
|
||||
"dns-1" = {
|
||||
ip = "192.168.0.107";
|
||||
|
@ -84,11 +92,6 @@
|
|||
ip = "192.168.0.116";
|
||||
mac = "06:8a:8e:3e:43:45";
|
||||
};
|
||||
"thelounge" = {
|
||||
ip = "192.168.0.117";
|
||||
mac = "00:0c:29:2a:69:8f";
|
||||
nix = false;
|
||||
};
|
||||
"mail" = {
|
||||
ip = "192.168.0.118";
|
||||
mac = "00:50:56:91:3b:03";
|
||||
|
@ -106,6 +109,16 @@
|
|||
"garage" = {
|
||||
ip = "192.168.0.121";
|
||||
mac = "3A:19:32:A2:F8:96";
|
||||
exposes = {
|
||||
garage = {
|
||||
domain = "g.xirion.net";
|
||||
port = 3900;
|
||||
};
|
||||
fedi-media = {
|
||||
domain = "fedi-media.xirion.net";
|
||||
port = 3902;
|
||||
};
|
||||
};
|
||||
};
|
||||
"nginx" = {
|
||||
ip = "192.168.0.122";
|
||||
|
@ -138,10 +151,18 @@
|
|||
"attic" = {
|
||||
ip = "192.168.0.128";
|
||||
mac = "9E:AF:E9:FE:D4:D9";
|
||||
exposes.attic = {
|
||||
domain = "attic.xirion.net";
|
||||
port = 8080;
|
||||
};
|
||||
};
|
||||
"hassio" = {
|
||||
ip = "192.168.0.129";
|
||||
mac = "e6:80:32:fb:00:75";
|
||||
exposes.ha = {
|
||||
domain = "ha.xirion.net";
|
||||
port = 8123;
|
||||
};
|
||||
nix = false;
|
||||
};
|
||||
# "docker-registry" = {
|
||||
|
@ -156,6 +177,16 @@
|
|||
"tudelft" = {
|
||||
ip = "192.168.0.132";
|
||||
mac = "AE:B3:93:4B:04:76";
|
||||
exposes = {
|
||||
grist = {
|
||||
domain = "grist.tud.0x76.dev";
|
||||
port = 8484;
|
||||
};
|
||||
dex = {
|
||||
domain = "dex.tud.0x76.dev";
|
||||
port = 8000;
|
||||
};
|
||||
};
|
||||
nix = false;
|
||||
};
|
||||
"mastodon" = {
|
||||
|
|
|
@ -32,6 +32,8 @@
|
|||
"mail.xirion.net typetransparent"
|
||||
"plex.xirion.net typetransparent"
|
||||
"fedi.xirion.net typetransparent"
|
||||
"grist.tud.0x76.dev typetransparent"
|
||||
"dex.tud.0x76.dev typetransparent"
|
||||
];
|
||||
|
||||
local-data = [
|
||||
|
@ -47,6 +49,8 @@
|
|||
''"mail.xirion.net A 192.168.0.122"''
|
||||
''"plex.xirion.net A 192.168.0.122"''
|
||||
''"fedi.xirion.net A 192.168.0.122"''
|
||||
''"grist.tud.0x76.dev A 192.168.0.122"''
|
||||
''"dex.tud.0x76.dev A 192.168.0.122"''
|
||||
];
|
||||
};
|
||||
}
|
||||
|
|
|
@ -31,6 +31,8 @@ in
|
|||
preliminarySelfsigned = true;
|
||||
};
|
||||
|
||||
services.v.nginx.autoExpose = true;
|
||||
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
recommendedProxySettings = true;
|
||||
|
@ -41,7 +43,6 @@ in
|
|||
|
||||
package = pkgs.nginxMainline;
|
||||
virtualHosts = {
|
||||
"ha.xirion.net" = proxy "http://192.168.0.129:8123";
|
||||
"xirion.net" = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
|
@ -49,6 +50,8 @@ in
|
|||
add_header Content-Type 'text/html; charset=UTF-8';
|
||||
return 200 'Hello, World!';
|
||||
'';
|
||||
|
||||
# Mastodon federation
|
||||
locations."= /.well-known/host-meta".extraConfig = ''
|
||||
return 301 https://fedi.xirion.net$request_uri;
|
||||
'';
|
||||
|
@ -57,33 +60,9 @@ in
|
|||
return 301 https://fedi.xirion.net$request_uri;
|
||||
'';
|
||||
};
|
||||
"git.xirion.net" = proxy "http://10.10.10.12";
|
||||
"o.xirion.net" = proxy "http://192.168.0.112:9000";
|
||||
"g.xirion.net" = proxy "http://garage.hades:3900";
|
||||
"requests.xirion.net" = proxy "http://overseerr.hades:5055";
|
||||
"pass.xirion.net" = proxy "http://bitwarden_rs";
|
||||
"repo.xirion.net" = proxy "http://archlinux";
|
||||
"thelounge.xirion.net" = proxy "http://thelounge:9000";
|
||||
"attic.xirion.net" = proxy "http://attic.hades:8080";
|
||||
|
||||
"tautulli.xirion.net" = proxy "http://tautulli.hades:8080";
|
||||
"peepeepoopoo.xirion.net" = proxy "http://tautulli.hades:8080"; # Deprecated but Ricardo has it bookmarked already!
|
||||
|
||||
"registry.xirion.net" = proxy "http://docker-registry:5000"
|
||||
// {
|
||||
locations."/".extraConfig = ''
|
||||
allow 127.0.0.1;
|
||||
allow 10.42.42.0/23;
|
||||
allow 10.10.10.1/24;
|
||||
allow 192.168.0.0/23;
|
||||
allow 80.60.83.220;
|
||||
allow 83.128.154.23;
|
||||
allow 62.45.26.248;
|
||||
allow 195.85.167.32/29;
|
||||
deny all;
|
||||
'';
|
||||
};
|
||||
|
||||
"plex.xirion.net" = {
|
||||
# Since we want a secure connection, we force SSL
|
||||
forceSSL = true;
|
||||
|
@ -170,8 +149,6 @@ in
|
|||
};
|
||||
};
|
||||
};
|
||||
|
||||
"fedi-media.xirion.net" = proxy "http://garage.hades:3902";
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -19,12 +19,19 @@ in {
|
|||
environment.systemPackages = with pkgs; [ sqlite ];
|
||||
virtualisation = {
|
||||
|
||||
podman.enable = true;
|
||||
podman = {
|
||||
enable = true;
|
||||
defaultNetwork.settings = {
|
||||
"subnets" = [{
|
||||
subnet = "10.88.0.0/16";
|
||||
gateway = "10.88.0.1";
|
||||
}];
|
||||
};
|
||||
};
|
||||
oci-containers.backend = "podman";
|
||||
|
||||
oci-containers.containers.grist = {
|
||||
image =
|
||||
"gristlabs/grist:1.1.9";
|
||||
image = "gristlabs/grist:1.1.9";
|
||||
environment = {
|
||||
APP_HOME_URL = "https://grist.0x76.dev";
|
||||
GRIST_SUPPORT_ANON = "false";
|
||||
|
@ -43,7 +50,7 @@ in {
|
|||
PYTHON_VERSION_ON_CREATION = "3";
|
||||
|
||||
GRIST_OIDC_IDP_ISSUER = "https://dex.0x76.dev";
|
||||
GRIST_OIDC_IDP_SKIP_END_SESSION_ENDPOINT= "true";
|
||||
GRIST_OIDC_IDP_SKIP_END_SESSION_ENDPOINT = "true";
|
||||
};
|
||||
environmentFiles = [ "${vs.grist}/environment" ];
|
||||
ports = [ "8484:8484" ];
|
||||
|
|
|
@ -42,7 +42,7 @@ in
|
|||
|
||||
# Templated
|
||||
virtualHosts = {
|
||||
"pass.0x76.dev" = {
|
||||
"pass.0x76.dev" = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
locations = {
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ nixpkgs, home-manager, mailserver, lanzaboote, attic, gnome-autounlock-keyring, ... }:
|
||||
{ nixpkgs, home-manager, mailserver, lanzaboote, attic, microvm, ... }:
|
||||
let
|
||||
inherit (builtins) filter attrValues concatMap mapAttrs;
|
||||
inherit (nixpkgs.lib.attrsets) mapAttrsToList;
|
||||
|
|
Loading…
Reference in New Issue