forked from Fediversity/simple-nixos-fediverse
Some fixes for Pixelfed on metal (#27)
This commit is contained in:
commit
1de8f5bc17
|
@ -14,6 +14,7 @@ let
|
||||||
inherit (builtins) toString;
|
inherit (builtins) toString;
|
||||||
inherit (lib) types mkOption mkEnableOption optionalString concatStringsSep;
|
inherit (lib) types mkOption mkEnableOption optionalString concatStringsSep;
|
||||||
inherit (lib.strings) escapeShellArg;
|
inherit (lib.strings) escapeShellArg;
|
||||||
|
inherit (lib.attrsets) filterAttrs mapAttrs';
|
||||||
cfg = config.services.garage;
|
cfg = config.services.garage;
|
||||||
fedicfg = config.fediversity.internal.garage;
|
fedicfg = config.fediversity.internal.garage;
|
||||||
concatMapAttrs = scriptFn: attrset: concatStringsSep "\n" (lib.mapAttrsToList scriptFn attrset);
|
concatMapAttrs = scriptFn: attrset: concatStringsSep "\n" (lib.mapAttrsToList scriptFn attrset);
|
||||||
|
@ -159,17 +160,23 @@ in
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
services.nginx.virtualHosts.${fedicfg.web.rootDomain} = {
|
## Create a proxy from <bucket>.web.garage.<domain> to localhost:3902 for
|
||||||
forceSSL = true;
|
## each bucket that has `website = true`.
|
||||||
enableACME = true;
|
services.nginx.virtualHosts =
|
||||||
serverAliases = lib.mapAttrsToList (bucket: _: fedicfg.web.domainForBucket bucket) cfg.ensureBuckets; ## TODO: use wildcard certificates?
|
let
|
||||||
locations."/" = {
|
value = {
|
||||||
proxyPass = "http://localhost:3902";
|
forceSSL = true;
|
||||||
extraConfig = ''
|
enableACME = true;
|
||||||
proxy_set_header Host $host;
|
locations."/" = {
|
||||||
'';
|
proxyPass = "http://localhost:3902";
|
||||||
};
|
extraConfig = ''
|
||||||
};
|
proxy_set_header Host $host;
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
in mapAttrs'
|
||||||
|
(bucket: _: {name = fedicfg.web.domainForBucket bucket; inherit value;})
|
||||||
|
(filterAttrs (_: {website, ...}: website) cfg.ensureBuckets);
|
||||||
|
|
||||||
systemd.services.ensure-garage = {
|
systemd.services.ensure-garage = {
|
||||||
after = [ "garage.service" ];
|
after = [ "garage.service" ];
|
||||||
|
|
|
@ -1,17 +1,24 @@
|
||||||
{ lib, config, modulesPath, ... }:
|
{ lib, config, modulesPath, ... }:
|
||||||
|
|
||||||
let
|
let
|
||||||
inherit (lib) mkVMOverride;
|
inherit (lib) mkVMOverride mapAttrs' filterAttrs;
|
||||||
|
|
||||||
|
cfg = config.services.garage;
|
||||||
|
|
||||||
fedicfg = config.fediversity.internal.garage;
|
fedicfg = config.fediversity.internal.garage;
|
||||||
|
|
||||||
in {
|
in {
|
||||||
imports = [ (modulesPath + "/virtualisation/qemu-vm.nix") ];
|
imports = [ (modulesPath + "/virtualisation/qemu-vm.nix") ];
|
||||||
|
|
||||||
services.nginx.virtualHosts.${fedicfg.web.rootDomain} = {
|
services.nginx.virtualHosts =
|
||||||
forceSSL = mkVMOverride false;
|
let
|
||||||
enableACME = mkVMOverride false;
|
value = {
|
||||||
};
|
forceSSL = mkVMOverride false;
|
||||||
|
enableACME = mkVMOverride false;
|
||||||
|
};
|
||||||
|
in mapAttrs'
|
||||||
|
(bucket: _: {name = fedicfg.web.domainForBucket bucket; inherit value;})
|
||||||
|
(filterAttrs (_: {website, ...}: website) cfg.ensureBuckets);
|
||||||
|
|
||||||
virtualisation.diskSize = 2048;
|
virtualisation.diskSize = 2048;
|
||||||
virtualisation.forwardPorts = [
|
virtualisation.forwardPorts = [
|
||||||
|
|
Reference in a new issue