nginx: init
This commit is contained in:
parent
8e494833f4
commit
914594651b
2 changed files with 26 additions and 13 deletions
14
flake.nix
14
flake.nix
|
@ -25,6 +25,11 @@
|
|||
modules = [ "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" ./hosts/mosquitto/configuration.nix ];
|
||||
};
|
||||
|
||||
nixosConfigurations.nginx = nixpkgs.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
modules = [ "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" ./hosts/nginx/configuration.nix ];
|
||||
};
|
||||
|
||||
deploy.nodes.bastion = {
|
||||
hostname = "10.42.42.4";
|
||||
fastConnection = true;
|
||||
|
@ -61,6 +66,15 @@
|
|||
};
|
||||
};
|
||||
|
||||
deploy.nodes.nginx = {
|
||||
hostname = "10.42.42.9";
|
||||
fastConnection = true;
|
||||
profiles.system = {
|
||||
user = "root";
|
||||
path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.nginx;
|
||||
};
|
||||
};
|
||||
|
||||
checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib;
|
||||
};
|
||||
}
|
||||
|
|
|
@ -26,19 +26,18 @@
|
|||
# Additional packages
|
||||
environment.systemPackages = with pkgs; [];
|
||||
|
||||
# Vault
|
||||
networking.firewall.allowedTCPPorts = [ 8200 ];
|
||||
|
||||
services.vault = {
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
# bin version includes the UI
|
||||
package = pkgs.vault-bin;
|
||||
address = "0.0.0.0:8200";
|
||||
storageBackend = "file";
|
||||
storagePath = "/var/lib/vault";
|
||||
extraConfig = ''
|
||||
api_addr = "10.42.42.6:8200"
|
||||
ui = true
|
||||
'';
|
||||
recommendedProxySettings = true;
|
||||
recommendedTlsSettings = true;
|
||||
|
||||
virtualHosts."ha.0x76.dev" = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
locations."/" = {
|
||||
proxyPass = "http://10.42.42.8:8123/";
|
||||
proxyWebsockets = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
Loading…
Reference in a new issue