summaryrefslogtreecommitdiffstats
path: root/tv
diff options
context:
space:
mode:
Diffstat (limited to 'tv')
-rw-r--r--tv/1systems/cd.nix58
1 files changed, 0 insertions, 58 deletions
diff --git a/tv/1systems/cd.nix b/tv/1systems/cd.nix
index 043e915..03a5e58 100644
--- a/tv/1systems/cd.nix
+++ b/tv/1systems/cd.nix
@@ -10,9 +10,7 @@ with import <stockholm/lib>;
../2configs/hw/CAC-Developer-2.nix
../2configs/fs/CAC-CentOS-7-64bit.nix
../2configs/exim-smarthost.nix
- ../2configs/git.nix
../2configs/retiolum.nix
- ../2configs/urlwatch.nix
{
tv.charybdis = {
enable = true;
@@ -33,62 +31,6 @@ with import <stockholm/lib>;
"xmpp-server"
];
}
- {
- krebs.github-hosts-sync.enable = true;
- tv.iptables.input-internet-accept-tcp =
- singleton config.krebs.github-hosts-sync.port;
- }
- {
- krebs.nginx.servers.cgit.server-names = [
- "cgit.cd.krebsco.de"
- "cgit.cd.viljetic.de"
- ];
- # TODO make public_html also available to cd, cd.retiolum (AKA default)
- krebs.nginx.servers."https://viljetic.de" = {
- server-names = singleton "viljetic.de";
- listen = mkForce []; # disable default
- ssl = {
- enable = true;
- certificate = "/var/lib/acme/viljetic.de/fullchain.pem";
- certificate_key = "/var/lib/acme/viljetic.de/key.pem";
- };
- locations = [
- (nameValuePair "/" ''
- root ${pkgs.viljetic-pages};
- '')
- (nameValuePair "~ ^/~(.+?)(/.*)?\$" ''
- alias /home/$1/public_html$2;
- '')
- ];
- };
- krebs.nginx.servers."http://viljetic.de" = {
- server-names = singleton "viljetic.de";
- locations = [
- (nameValuePair "/.well-known/acme-challenge/" ''
- root /var/lib/acme/challenges/viljetic.de/;
- '')
- (nameValuePair "/" ''
- return 301 https://viljetic.de$request_uri;
- '')
- ];
- };
- security.acme = {
- certs."viljetic.de" = {
- email = "tomislav@viljetic.de";
- webroot = "/var/lib/acme/challenges/viljetic.de";
- plugins = [
- "account_key.json"
- "key.pem"
- "fullchain.pem"
- ];
- user = "nginx";
- };
- };
- tv.iptables.input-internet-accept-tcp = [
- "http"
- "https"
- ];
- }
];
networking = {