diff options
author | makefu <github@syntax-fehler.de> | 2015-12-04 10:16:09 +0100 |
---|---|---|
committer | makefu <github@syntax-fehler.de> | 2015-12-04 10:16:09 +0100 |
commit | 65cc52e01e18c823016a3043b8cf41822934cc3c (patch) | |
tree | 58aa8971a4e571234a762eee20c7ec7f57a2b4d4 /makefu | |
parent | 597f9e8597c95ac9e4cba1689322c433bb0c9a75 (diff) | |
parent | b5ffb88ba3a77d4f399d7a2815e2c61d53545f5d (diff) |
Merge branch 'master' of pnp:stockholm
Conflicts:
makefu/1systems/gum.nix
Diffstat (limited to 'makefu')
-rw-r--r-- | makefu/1systems/gum.nix | 9 | ||||
-rw-r--r-- | makefu/2configs/base-gui.nix | 11 | ||||
-rw-r--r-- | makefu/2configs/default.nix | 1 | ||||
-rw-r--r-- | makefu/2configs/git/cgit-retiolum.nix | 4 | ||||
-rw-r--r-- | makefu/2configs/mattermost-docker.nix | 47 |
5 files changed, 70 insertions, 2 deletions
diff --git a/makefu/1systems/gum.nix b/makefu/1systems/gum.nix index 9de07266e..75607aa46 100644 --- a/makefu/1systems/gum.nix +++ b/makefu/1systems/gum.nix @@ -13,15 +13,21 @@ in { ../2configs/fs/single-partition-ext4.nix # ../2configs/iodined.nix ../2configs/git/cgit-retiolum.nix - + ../2configs/mattermost-docker.nix ]; + + + ###### stable krebs.build.target = "root@gum.krebsco.de"; krebs.build.host = config.krebs.hosts.gum; + + # Chat environment.systemPackages = with pkgs;[ weechat bepasty-client-cli + get ]; services.bitlbee.enable = true; @@ -31,7 +37,6 @@ in { boot.kernelModules = [ "kvm-intel" ]; # Network - services.udev.extraRules = '' SUBSYSTEM=="net", ATTR{address}=="c8:0a:a9:c8:ee:dd", NAME="et0" ''; diff --git a/makefu/2configs/base-gui.nix b/makefu/2configs/base-gui.nix index 7b7f85f13..16a5386ca 100644 --- a/makefu/2configs/base-gui.nix +++ b/makefu/2configs/base-gui.nix @@ -10,6 +10,17 @@ # # if this is not enough, check out main-laptop.nix +## TODO: .Xdefaults: +# URxvt*termName: rxvt +# URxvt.scrollBar : false +# URxvt*scrollBar_right: false +# URxvt*borderLess: false +# URxvt.foreground: white +# URxvt.background: black +# URxvt.urgentOnBell: true +# URxvt.visualBell: false +# URxvt.font : xft:Terminus + with lib; let mainUser = config.krebs.build.user.name; diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix index 3d9174788..760c70789 100644 --- a/makefu/2configs/default.nix +++ b/makefu/2configs/default.nix @@ -65,6 +65,7 @@ with lib; time.timeZone = "Europe/Berlin"; #nix.maxJobs = 1; + programs.ssh.startAgent = false; services.openssh.enable = true; nix.useChroot = true; diff --git a/makefu/2configs/git/cgit-retiolum.nix b/makefu/2configs/git/cgit-retiolum.nix index e12827697..304d39fcd 100644 --- a/makefu/2configs/git/cgit-retiolum.nix +++ b/makefu/2configs/git/cgit-retiolum.nix @@ -15,6 +15,7 @@ let tinc_graphs = { desc = "Tinc Advanced Graph Generation"; }; + cac = { }; }; priv-repos = mapAttrs make-priv-repo { @@ -23,6 +24,9 @@ let connector-repos = mapAttrs make-priv-repo { connector = { }; + mattermost = { + desc = "Mattermost Docker files"; + }; }; diff --git a/makefu/2configs/mattermost-docker.nix b/makefu/2configs/mattermost-docker.nix new file mode 100644 index 000000000..20a93dff1 --- /dev/null +++ b/makefu/2configs/mattermost-docker.nix @@ -0,0 +1,47 @@ +{config, lib, ...}: + +with lib; +let + sec = toString <secrets>; + ssl_cert = "${sec}/wildcard.krebsco.de.crt"; + ssl_key = "${sec}/wildcard.krebsco.de.key"; +in { + # mattermost docker config and deployment guide: git.euer.krebsco.de + virtualisation.docker.enable = true; + users.extraUsers.${config.krebs.build.user.name}.extraGroups = [ "docker" ]; + krebs.nginx = { + enable = true; + servers.mattermost = { + listen = [ "80" "443 ssl" ]; + server-names = [ "mattermost.euer.krebsco.de" ]; + extraConfig = '' + gzip on; + gzip_buffers 4 32k; + gzip_types text/plain application/x-javascript text/css; + ssl_certificate ${ssl_cert}; + ssl_certificate_key ${ssl_key}; + default_type text/plain; + + if ($scheme = http){ + return 301 https://$server_name$request_uri; + } + + client_max_body_size 4G; + keepalive_timeout 10; + + ''; + locations = [ + (nameValuePair "/" '' + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_redirect off; + proxy_pass http://localhost:8065/; + '') + ]; + }; + }; +} |