diff options
author | tv <tv@krebsco.de> | 2017-04-12 09:24:46 +0200 |
---|---|---|
committer | tv <tv@krebsco.de> | 2017-04-12 09:24:46 +0200 |
commit | 0248fce6be6705de4a6beab0f2a9336550df9d18 (patch) | |
tree | 6865e194d5df1f9f77a03da06192d5034f97cacf /makefu/2configs/deployment/graphs.nix | |
parent | 75f43655d379a7aeed58b9cb423759b8a3696a9a (diff) | |
parent | 9224e9c4c8432ce8d7788592b9d25cfc29440ee6 (diff) |
Merge remote-tracking branch 'prism/makefu'
Diffstat (limited to 'makefu/2configs/deployment/graphs.nix')
-rw-r--r-- | makefu/2configs/deployment/graphs.nix | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/makefu/2configs/deployment/graphs.nix b/makefu/2configs/deployment/graphs.nix new file mode 100644 index 000000000..35a724f6a --- /dev/null +++ b/makefu/2configs/deployment/graphs.nix @@ -0,0 +1,37 @@ +{ config, lib, pkgs, ... }: + +with import <stockholm/lib>; +let + external-ip = config.krebs.build.host.nets.internet.ip4.addr; + internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr; + hn = config.krebs.build.host.name; +in { + krebs.bepasty.servers."paste.r".nginx.extraConfig = '' + if ( $server_addr = "${external-ip}" ) { + return 403; + } + ''; + krebs.tinc_graphs = { + enable = true; + nginx = { + enable = true; + # TODO: remove hard-coded hostname + complete = { + extraConfig = '' + if ( $server_addr = "${external-ip}" ) { + return 403; + } + ''; + serverAliases = [ + "graphs.r" "graphs.retiolum" + "graphs.${hn}" "graphs.${hn}.retiolum" + ]; + }; + anonymous = { + enableSSL = true; + forceSSL = true; + enableACME = true; + }; + }; + }; +} |