29 lines
652 B
Nix
29 lines
652 B
Nix
{ config, lib, pkgs, ... }:
|
|
# more than just nginx config but not enough to become a module
|
|
with import <stockholm/lib>;
|
|
let
|
|
hostname = config.krebs.build.host.name;
|
|
bootscript = pkgs.writeTextDir "runit" ''
|
|
set -euf
|
|
cd /root
|
|
mkdir -p .ssh
|
|
echo "${config.krebs.users.makefu.pubkey}" > .ssh/authorized_keys
|
|
chmod 700 -R .ssh
|
|
systemctl restart sshd
|
|
'';
|
|
in {
|
|
|
|
services.nginx = {
|
|
enable = mkDefault true;
|
|
virtualHosts."boot.euer.krebsco.de" = {
|
|
enableSSL = true;
|
|
forceSSL = true;
|
|
enableACME = true;
|
|
locations."/" = {
|
|
root = bootscript;
|
|
index = "runit";
|
|
};
|
|
};
|
|
};
|
|
}
|