abstraction :)
This commit is contained in:
parent
c95b924af7
commit
edba60c4ec
45
host.nix
45
host.nix
|
|
@ -1,30 +1,39 @@
|
||||||
{ pkgs, ... }:
|
{ pkgs, ... }:
|
||||||
let gitea = {
|
let secrets = import ./secrets/secrets.nix;
|
||||||
host = "10.10.0.1";
|
services = import ./services.nix;
|
||||||
local = "10.10.0.2";
|
lib = import ./lib.nix;
|
||||||
};
|
|
||||||
secrets = import ./secrets/secrets.nix;
|
|
||||||
in
|
in
|
||||||
|
|
||||||
|
lib.foldMap ({ name, ip, config, ... }:
|
||||||
{
|
{
|
||||||
# [CONTAINERS]
|
containers.${name} = {
|
||||||
containers.gitea = {
|
|
||||||
autoStart = true;
|
autoStart = true;
|
||||||
ephemeral = true;
|
ephemeral = true;
|
||||||
privateNetwork = true;
|
privateNetwork = true;
|
||||||
hostAddress = gitea.host;
|
hostAddress = ip.host;
|
||||||
localAddress = gitea.local;
|
localAddress = ip.local;
|
||||||
config = ./guests/gitea.nix;
|
config = config;
|
||||||
};
|
};
|
||||||
|
}
|
||||||
|
) services
|
||||||
|
|
||||||
|
//
|
||||||
|
|
||||||
|
{
|
||||||
# [NGINX]
|
# [NGINX]
|
||||||
services.nginx = {
|
services.nginx = {
|
||||||
enable = true;
|
enable = true;
|
||||||
recommendedProxySettings = true;
|
recommendedProxySettings = true;
|
||||||
virtualHosts = {
|
virtualHosts =
|
||||||
"localhost" = {
|
lib.foldMap ({ ip, port, hosts, ... }:
|
||||||
locations."/".proxyPass = "http://${gitea.local}:3001";
|
lib.foldMap (host:
|
||||||
};
|
{
|
||||||
};
|
"${host}" = {
|
||||||
|
locations."/".proxyPass = "http://${ip.local}:${builtins.toString port}";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
) hosts
|
||||||
|
) services;
|
||||||
};
|
};
|
||||||
|
|
||||||
# [NETWORK]
|
# [NETWORK]
|
||||||
|
|
@ -32,12 +41,12 @@ in
|
||||||
networking.firewall.allowedUDPPorts = [ ];
|
networking.firewall.allowedUDPPorts = [ ];
|
||||||
|
|
||||||
# VM test user
|
# VM test user
|
||||||
users.users.admin.isSystemUser = true ;
|
users.users.admin.isNormalUser = true;
|
||||||
users.users.admin.hashedPassword = builtins.readFile ./secrets/admin_password;
|
users.users.admin.hashedPassword = pkgs.lib.removeSuffix "\n"
|
||||||
|
(builtins.readFile ./secrets/admin_password);
|
||||||
users.users.admin.group = "admin";
|
users.users.admin.group = "admin";
|
||||||
users.groups.admin = {};
|
users.groups.admin = {};
|
||||||
|
|
||||||
|
|
||||||
system.stateVersion = "23.11";
|
system.stateVersion = "23.11";
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
3
lib.nix
Normal file
3
lib.nix
Normal file
|
|
@ -0,0 +1,3 @@
|
||||||
|
{
|
||||||
|
foldMap = (f: list: builtins.foldl' (acc: elem: acc // elem) {} (builtins.map f list));
|
||||||
|
}
|
||||||
14
services.nix
Normal file
14
services.nix
Normal file
|
|
@ -0,0 +1,14 @@
|
||||||
|
# List of attrsets defining
|
||||||
|
# name, ip.host, ip.local, config, hosts
|
||||||
|
[
|
||||||
|
{
|
||||||
|
name = "gitea";
|
||||||
|
ip = {
|
||||||
|
host = "10.10.0.1";
|
||||||
|
local = "10.10.0.2";
|
||||||
|
};
|
||||||
|
config = ./guests/gitea.nix;
|
||||||
|
port = 3001;
|
||||||
|
hosts = [ "localhost" ];
|
||||||
|
}
|
||||||
|
]
|
||||||
Loading…
Reference in New Issue
Block a user