summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authormakefu <github@syntax-fehler.de>2016-12-25 00:21:54 +0100
committermakefu <github@syntax-fehler.de>2016-12-25 00:21:54 +0100
commit3682e60aee26578f3163920b9feab641b21f5e5c (patch)
tree950291daf29fcb9a17a74182ffd58700312aa635
parent83ca6e1879f89c9fbc8a64442debb1f0c0a057c1 (diff)
k 3 bepasty-server: finish krebs.nginx -> servers.nginx
-rw-r--r--krebs/3modules/bepasty-server.nix32
-rw-r--r--makefu/2configs/bepasty-dual.nix14
2 files changed, 19 insertions, 27 deletions
diff --git a/krebs/3modules/bepasty-server.nix b/krebs/3modules/bepasty-server.nix
index 73d734237..4e035e725 100644
--- a/krebs/3modules/bepasty-server.nix
+++ b/krebs/3modules/bepasty-server.nix
@@ -48,6 +48,7 @@ let
default = "";
};
+
# we create a wsgi socket in $workDir/gunicorn-${name}.wsgi
workDir = mkOption {
type = types.str;
@@ -155,21 +156,22 @@ let
assertions = [{ assertion = config.services.nginx.enable;
message = "services.nginx.enable must be true"; }];
- services.nginx.virtualHosts = mapAttrs ( server:
- (mkMerge [ server.nginx {
- extraConfig = ''
- client_max_body_size 32M;
- '';
- locations = {
- "/" = ''
- proxy_set_header Host $http_host;
- proxy_pass http://unix:${server.workDir}/gunicorn-${name}.sock;
- '';
- "/static/" = ''
- alias ${bepasty}/lib/${python.libPrefix}/site-packages/bepasty/static/;
- '';
- };
- }])) cfg.servers ;
+ services.nginx.virtualHosts = mapAttrs ( name: server:
+ (mkMerge [
+ server.nginx
+ {
+ extraConfig = ''
+ client_max_body_size 32M;
+ '';
+ locations = {
+ "/".extraConfig = "proxy_set_header Host $http_host;";
+ "/".proxyPass = "http://unix:${server.workDir}/gunicorn-${name}.sock";
+ "/static/".extraConfig = ''
+ alias ${bepasty}/lib/${python.libPrefix}/site-packages/bepasty/static/;
+ '';
+ };
+ }])
+ ) cfg.servers ;
};
in
out
diff --git a/makefu/2configs/bepasty-dual.nix b/makefu/2configs/bepasty-dual.nix
index a4c6777bc..936aaf004 100644
--- a/makefu/2configs/bepasty-dual.nix
+++ b/makefu/2configs/bepasty-dual.nix
@@ -26,8 +26,7 @@ in {
serveNginx= true;
servers = {
- internal = {
- domain = "paste.r";
+ "paste.r" = {
nginx = {
serverAliases = [ "paste.retiolum" "paste.${config.krebs.build.host.name}" ];
};
@@ -35,8 +34,7 @@ in {
secretKey = secKey;
};
- external = {
- domain = ext-dom;
+ "${ext-dom}" = {
nginx = {
enableSSL = true;
forceSSL = true;
@@ -47,12 +45,4 @@ in {
};
};
};
- security.acme.certs."${ext-dom}" = {
- email = "acme@syntax-fehler.de";
- webroot = "${acmechall}/${ext-dom}/";
- group = "nginx";
- allowKeysForGroup = true;
- postRun = "systemctl reload nginx.service";
- extraDomains."${ext-dom}" = null ;
- };
}