summaryrefslogtreecommitdiffstats
path: root/makefu/2configs/deployment/boot-euer.nix
diff options
context:
space:
mode:
authorlassulus <lass@lassul.us>2017-04-30 19:54:09 +0200
committerlassulus <lass@lassul.us>2017-04-30 19:54:09 +0200
commit4cc5b5c1049d70c4829776743b8960c0399d2b07 (patch)
tree146585087d1d45d3d738333897808757ab00db82 /makefu/2configs/deployment/boot-euer.nix
parentc2c5b04f9daf97d1b6daffd906dde2e0c205cf95 (diff)
parent9ee75566e5ca1a9ef01ab9509ca80ca49c8110d4 (diff)
Merge remote-tracking branch 'gum/master'
Diffstat (limited to 'makefu/2configs/deployment/boot-euer.nix')
-rw-r--r--makefu/2configs/deployment/boot-euer.nix28
1 files changed, 28 insertions, 0 deletions
diff --git a/makefu/2configs/deployment/boot-euer.nix b/makefu/2configs/deployment/boot-euer.nix
new file mode 100644
index 000000000..be24209bc
--- /dev/null
+++ b/makefu/2configs/deployment/boot-euer.nix
@@ -0,0 +1,28 @@
+{ config, lib, pkgs, ... }:
+# more than just nginx config but not enough to become a module
+with import <stockholm/lib>;
+let
+ hostname = config.krebs.build.host.name;
+ bootscript = pkgs.writeTextDir "runit" ''
+ set -euf
+ cd /root
+ mkdir -p .ssh
+ echo "${config.krebs.users.makefu.pubkey}" > .ssh/authorized_keys
+ chmod 700 -R .ssh
+ systemctl restart sshd
+ '';
+in {
+
+ services.nginx = {
+ enable = mkDefault true;
+ virtualHosts."boot.euer.krebsco.de" = {
+ enableSSL = true;
+ forceSSL = true;
+ enableACME = true;
+ locations."/" = {
+ root = bootscript;
+ index = "runit";
+ };
+ };
+ };
+}