summaryrefslogtreecommitdiffstats
path: root/makefu/2configs/deployment/boot-euer.nix
diff options
context:
space:
mode:
authormakefu <github@syntax-fehler.de>2017-04-28 12:45:09 +0200
committermakefu <github@syntax-fehler.de>2017-04-28 12:45:09 +0200
commit67a06b90b38780b31027dd8a1d5b9d1d1a5effa6 (patch)
tree734b09f2108fe0d74b75c07d6fbf7783e9998709 /makefu/2configs/deployment/boot-euer.nix
parentd756d5bcfb1277de6489b5a18fcf4f01a27859a5 (diff)
m 2 deployment: add boot-euer
Diffstat (limited to 'makefu/2configs/deployment/boot-euer.nix')
-rw-r--r--makefu/2configs/deployment/boot-euer.nix28
1 files changed, 28 insertions, 0 deletions
diff --git a/makefu/2configs/deployment/boot-euer.nix b/makefu/2configs/deployment/boot-euer.nix
new file mode 100644
index 000000000..be24209bc
--- /dev/null
+++ b/makefu/2configs/deployment/boot-euer.nix
@@ -0,0 +1,28 @@
+{ config, lib, pkgs, ... }:
+# more than just nginx config but not enough to become a module
+with import <stockholm/lib>;
+let
+ hostname = config.krebs.build.host.name;
+ bootscript = pkgs.writeTextDir "runit" ''
+ set -euf
+ cd /root
+ mkdir -p .ssh
+ echo "${config.krebs.users.makefu.pubkey}" > .ssh/authorized_keys
+ chmod 700 -R .ssh
+ systemctl restart sshd
+ '';
+in {
+
+ services.nginx = {
+ enable = mkDefault true;
+ virtualHosts."boot.euer.krebsco.de" = {
+ enableSSL = true;
+ forceSSL = true;
+ enableACME = true;
+ locations."/" = {
+ root = bootscript;
+ index = "runit";
+ };
+ };
+ };
+}