k 3 bepasty-server: finish krebs.nginx -> servers.nginx
This commit is contained in:
parent
83ca6e1879
commit
3682e60aee
@ -48,6 +48,7 @@ let
|
||||
default = "";
|
||||
};
|
||||
|
||||
|
||||
# we create a wsgi socket in $workDir/gunicorn-${name}.wsgi
|
||||
workDir = mkOption {
|
||||
type = types.str;
|
||||
@ -155,21 +156,22 @@ let
|
||||
assertions = [{ assertion = config.services.nginx.enable;
|
||||
message = "services.nginx.enable must be true"; }];
|
||||
|
||||
services.nginx.virtualHosts = mapAttrs ( server:
|
||||
(mkMerge [ server.nginx {
|
||||
extraConfig = ''
|
||||
client_max_body_size 32M;
|
||||
'';
|
||||
locations = {
|
||||
"/" = ''
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_pass http://unix:${server.workDir}/gunicorn-${name}.sock;
|
||||
'';
|
||||
"/static/" = ''
|
||||
alias ${bepasty}/lib/${python.libPrefix}/site-packages/bepasty/static/;
|
||||
'';
|
||||
};
|
||||
}])) cfg.servers ;
|
||||
services.nginx.virtualHosts = mapAttrs ( name: server:
|
||||
(mkMerge [
|
||||
server.nginx
|
||||
{
|
||||
extraConfig = ''
|
||||
client_max_body_size 32M;
|
||||
'';
|
||||
locations = {
|
||||
"/".extraConfig = "proxy_set_header Host $http_host;";
|
||||
"/".proxyPass = "http://unix:${server.workDir}/gunicorn-${name}.sock";
|
||||
"/static/".extraConfig = ''
|
||||
alias ${bepasty}/lib/${python.libPrefix}/site-packages/bepasty/static/;
|
||||
'';
|
||||
};
|
||||
}])
|
||||
) cfg.servers ;
|
||||
};
|
||||
in
|
||||
out
|
||||
|
@ -26,8 +26,7 @@ in {
|
||||
serveNginx= true;
|
||||
|
||||
servers = {
|
||||
internal = {
|
||||
domain = "paste.r";
|
||||
"paste.r" = {
|
||||
nginx = {
|
||||
serverAliases = [ "paste.retiolum" "paste.${config.krebs.build.host.name}" ];
|
||||
};
|
||||
@ -35,8 +34,7 @@ in {
|
||||
secretKey = secKey;
|
||||
};
|
||||
|
||||
external = {
|
||||
domain = ext-dom;
|
||||
"${ext-dom}" = {
|
||||
nginx = {
|
||||
enableSSL = true;
|
||||
forceSSL = true;
|
||||
@ -47,12 +45,4 @@ in {
|
||||
};
|
||||
};
|
||||
};
|
||||
security.acme.certs."${ext-dom}" = {
|
||||
email = "acme@syntax-fehler.de";
|
||||
webroot = "${acmechall}/${ext-dom}/";
|
||||
group = "nginx";
|
||||
allowKeysForGroup = true;
|
||||
postRun = "systemctl reload nginx.service";
|
||||
extraDomains."${ext-dom}" = null ;
|
||||
};
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user