Nginx landing page and postgres

This commit is contained in:
Julius 2022-05-19 17:47:41 +02:00
parent 834b5350bf
commit 1f8bfa1136
Signed by: j00lz
GPG key ID: AF241B0AA237BBA2
7 changed files with 87 additions and 17 deletions

View file

@ -4,6 +4,6 @@ This is my nix infrastructure that runs on my strato server.
## nixos image ## nixos image
To get a basic nixos image use `nix build .#register`. To get a basic nixos image use `nix build .#register`.
Afterwards you can import it into lxd using `lxc image import ./result/metadata.tar.xz ./result/lxc.tar.xz --alias nixos` Afterwards you can import it into lxd using `lxc image import ./result/metadata.tar.xz ./result/lxc.tar.xz security.nesting=true --alias nixos`
You can then use `lxc launch nixos $name$` to make a new lxc container and start it. You can then use `lxc launch nixos $name$` to make a new lxc container and start it.

View file

@ -8,4 +8,6 @@
]; ];
boot.isContainer = true; boot.isContainer = true;
fileSystems."/run/keys" = { fsType = "tmpfs"; };
} }

View file

@ -48,13 +48,18 @@
colmena = { colmena = {
meta = { nixpkgs = import nixpkgs { system = "x86_64-linux"; }; }; meta = { nixpkgs = import nixpkgs { system = "x86_64-linux"; }; };
nginx = { nginx = {
imports = [ ./machines/nginx.nix ]; imports = [ ./machines/nginx ];
deployment.targetHost = "10.21.150.250"; deployment = {
targetHost = "nginx.lxd";
tags = [ "website" ];
};
}; };
postgres = {
nginx2 = { imports = [ ./machines/postgres ];
imports = [ ./machines/nginx.nix ]; deployment = {
deployment.targetHost = "10.21.150.95"; targetHost = "postgres.lxd";
tags = [ "database" ];
};
}; };
}; };

View file

@ -1,10 +0,0 @@
{ config, pkgs, ... }: {
imports = [ ../common ../common/lxc.nix ];
networking.hostName = "nginx";
system.stateVersion = "21.11";
networking.firewall.enable = true;
networking.firewall.allowedTCPPorts = [ 80 443 ];
services.nginx.enable = true;
services.nginx.package = pkgs.nginxMainline;
}

View file

@ -0,0 +1,28 @@
{ config, pkgs, ... }: {
imports = [ ../../common ../../common/lxc.nix ];
networking.hostName = "nginx";
system.stateVersion = "21.11";
networking.firewall.enable = true;
networking.firewall.allowedTCPPorts = [ 80 443 ];
services.nginx = {
enable = true;
recommendedGzipSettings = true;
recommendedOptimisation = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
package = pkgs.nginxMainline;
virtualHosts."asraphiel.dev" = {
forceSSL = true;
http2 = true;
enableACME = true;
root = "/etc/main";
};
};
security.acme.email = "acme@voidcorp.nl";
security.acme.acceptTerms = true;
environment.etc."main/index.html" = {
enable = true;
source = ./index.html;
};
}

25
machines/nginx/index.html Normal file
View file

@ -0,0 +1,25 @@
<!DOCTYPE html>
<html>
<head>
<title>Julius' meme corner</title>
<style>
html {
color-scheme: light dark;
}
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to my site!</h1>
<p>There's absolutely nothing here for now...</p>
<p>I'm working on it trust me!</p>
</body>
</html>

View file

@ -0,0 +1,20 @@
{ config, pkgs, ... }: {
imports = [ ../../common ../../common/lxc.nix ];
networking.hostName = "postgres";
system.stateVersion = "21.11";
networking.firewall.enable = true;
networking.firewall.allowedTCPPorts = [ 5432 ];
services.postgresql = {
enable = true;
# yes scuffed, but technically lxd can do whatever with the ip's it gives
authentication = "host all all 10.0.0.0/24 trust";
ensureDatabases = [ "gitea" ];
ensureUsers = [{
name = "gitea";
ensurePermissions = { "DATABASE \"gitea\"" = "ALL PRIVILEGES"; };
}];
enableTCPIP = true;
};
}