k 3 bepasty-server: finish krebs.nginx -> servers.nginx
This commit is contained in:
parent
83ca6e1879
commit
3682e60aee
@ -48,6 +48,7 @@ let
|
|||||||
default = "";
|
default = "";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
# we create a wsgi socket in $workDir/gunicorn-${name}.wsgi
|
# we create a wsgi socket in $workDir/gunicorn-${name}.wsgi
|
||||||
workDir = mkOption {
|
workDir = mkOption {
|
||||||
type = types.str;
|
type = types.str;
|
||||||
@ -155,21 +156,22 @@ let
|
|||||||
assertions = [{ assertion = config.services.nginx.enable;
|
assertions = [{ assertion = config.services.nginx.enable;
|
||||||
message = "services.nginx.enable must be true"; }];
|
message = "services.nginx.enable must be true"; }];
|
||||||
|
|
||||||
services.nginx.virtualHosts = mapAttrs ( server:
|
services.nginx.virtualHosts = mapAttrs ( name: server:
|
||||||
(mkMerge [ server.nginx {
|
(mkMerge [
|
||||||
|
server.nginx
|
||||||
|
{
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
client_max_body_size 32M;
|
client_max_body_size 32M;
|
||||||
'';
|
'';
|
||||||
locations = {
|
locations = {
|
||||||
"/" = ''
|
"/".extraConfig = "proxy_set_header Host $http_host;";
|
||||||
proxy_set_header Host $http_host;
|
"/".proxyPass = "http://unix:${server.workDir}/gunicorn-${name}.sock";
|
||||||
proxy_pass http://unix:${server.workDir}/gunicorn-${name}.sock;
|
"/static/".extraConfig = ''
|
||||||
'';
|
|
||||||
"/static/" = ''
|
|
||||||
alias ${bepasty}/lib/${python.libPrefix}/site-packages/bepasty/static/;
|
alias ${bepasty}/lib/${python.libPrefix}/site-packages/bepasty/static/;
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
}])) cfg.servers ;
|
}])
|
||||||
|
) cfg.servers ;
|
||||||
};
|
};
|
||||||
in
|
in
|
||||||
out
|
out
|
||||||
|
@ -26,8 +26,7 @@ in {
|
|||||||
serveNginx= true;
|
serveNginx= true;
|
||||||
|
|
||||||
servers = {
|
servers = {
|
||||||
internal = {
|
"paste.r" = {
|
||||||
domain = "paste.r";
|
|
||||||
nginx = {
|
nginx = {
|
||||||
serverAliases = [ "paste.retiolum" "paste.${config.krebs.build.host.name}" ];
|
serverAliases = [ "paste.retiolum" "paste.${config.krebs.build.host.name}" ];
|
||||||
};
|
};
|
||||||
@ -35,8 +34,7 @@ in {
|
|||||||
secretKey = secKey;
|
secretKey = secKey;
|
||||||
};
|
};
|
||||||
|
|
||||||
external = {
|
"${ext-dom}" = {
|
||||||
domain = ext-dom;
|
|
||||||
nginx = {
|
nginx = {
|
||||||
enableSSL = true;
|
enableSSL = true;
|
||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
@ -47,12 +45,4 @@ in {
|
|||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
security.acme.certs."${ext-dom}" = {
|
|
||||||
email = "acme@syntax-fehler.de";
|
|
||||||
webroot = "${acmechall}/${ext-dom}/";
|
|
||||||
group = "nginx";
|
|
||||||
allowKeysForGroup = true;
|
|
||||||
postRun = "systemctl reload nginx.service";
|
|
||||||
extraDomains."${ext-dom}" = null ;
|
|
||||||
};
|
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user