forked from Fediversity/simple-nixos-fediverse
Some fixes for Pixelfed on metal (#27)
This commit is contained in:
commit
1de8f5bc17
|
@ -14,6 +14,7 @@ let
|
|||
inherit (builtins) toString;
|
||||
inherit (lib) types mkOption mkEnableOption optionalString concatStringsSep;
|
||||
inherit (lib.strings) escapeShellArg;
|
||||
inherit (lib.attrsets) filterAttrs mapAttrs';
|
||||
cfg = config.services.garage;
|
||||
fedicfg = config.fediversity.internal.garage;
|
||||
concatMapAttrs = scriptFn: attrset: concatStringsSep "\n" (lib.mapAttrsToList scriptFn attrset);
|
||||
|
@ -159,17 +160,23 @@ in
|
|||
};
|
||||
};
|
||||
|
||||
services.nginx.virtualHosts.${fedicfg.web.rootDomain} = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
serverAliases = lib.mapAttrsToList (bucket: _: fedicfg.web.domainForBucket bucket) cfg.ensureBuckets; ## TODO: use wildcard certificates?
|
||||
locations."/" = {
|
||||
proxyPass = "http://localhost:3902";
|
||||
extraConfig = ''
|
||||
proxy_set_header Host $host;
|
||||
'';
|
||||
};
|
||||
};
|
||||
## Create a proxy from <bucket>.web.garage.<domain> to localhost:3902 for
|
||||
## each bucket that has `website = true`.
|
||||
services.nginx.virtualHosts =
|
||||
let
|
||||
value = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
locations."/" = {
|
||||
proxyPass = "http://localhost:3902";
|
||||
extraConfig = ''
|
||||
proxy_set_header Host $host;
|
||||
'';
|
||||
};
|
||||
};
|
||||
in mapAttrs'
|
||||
(bucket: _: {name = fedicfg.web.domainForBucket bucket; inherit value;})
|
||||
(filterAttrs (_: {website, ...}: website) cfg.ensureBuckets);
|
||||
|
||||
systemd.services.ensure-garage = {
|
||||
after = [ "garage.service" ];
|
||||
|
|
|
@ -1,17 +1,24 @@
|
|||
{ lib, config, modulesPath, ... }:
|
||||
|
||||
let
|
||||
inherit (lib) mkVMOverride;
|
||||
inherit (lib) mkVMOverride mapAttrs' filterAttrs;
|
||||
|
||||
cfg = config.services.garage;
|
||||
|
||||
fedicfg = config.fediversity.internal.garage;
|
||||
|
||||
in {
|
||||
imports = [ (modulesPath + "/virtualisation/qemu-vm.nix") ];
|
||||
|
||||
services.nginx.virtualHosts.${fedicfg.web.rootDomain} = {
|
||||
forceSSL = mkVMOverride false;
|
||||
enableACME = mkVMOverride false;
|
||||
};
|
||||
services.nginx.virtualHosts =
|
||||
let
|
||||
value = {
|
||||
forceSSL = mkVMOverride false;
|
||||
enableACME = mkVMOverride false;
|
||||
};
|
||||
in mapAttrs'
|
||||
(bucket: _: {name = fedicfg.web.domainForBucket bucket; inherit value;})
|
||||
(filterAttrs (_: {website, ...}: website) cfg.ensureBuckets);
|
||||
|
||||
virtualisation.diskSize = 2048;
|
||||
virtualisation.forwardPorts = [
|
||||
|
|
Reference in a new issue