From 3f68cef4b6ac2286767bf9a11bb6e09704986159 Mon Sep 17 00:00:00 2001 From: makefu Date: Sat, 24 Dec 2016 23:38:19 +0100 Subject: k 3 bepasty-server: krebs.nginx -> services.nginx --- krebs/3modules/bepasty-server.nix | 30 +++++++++++++++++++----------- 1 file changed, 19 insertions(+), 11 deletions(-) (limited to 'krebs') diff --git a/krebs/3modules/bepasty-server.nix b/krebs/3modules/bepasty-server.nix index 50e04cf80..73d734237 100644 --- a/krebs/3modules/bepasty-server.nix +++ b/krebs/3modules/bepasty-server.nix @@ -22,6 +22,16 @@ let servers = mkOption { type = with types; attrsOf optionSet; + example = '' + { + "paste.r" = { + defaultPermissions = "read,delete,create"; + }; + "paste.krebsco.de" = { + defaultPermissions = "read"; + }; + } + ''; options = singleton { nginx = mkOption { # TODO use the correct type @@ -30,7 +40,6 @@ let additional nginx configuration. see krebs.nginx for all options ''; }; - secretKey = mkOption { type = types.str; description = '' @@ -143,24 +152,23 @@ let }; nginx-imp = { - assertions = [{ assertion = config.krebs.nginx.enable; - message = "krebs.nginx.enable must be true"; }]; + assertions = [{ assertion = config.services.nginx.enable; + message = "services.nginx.enable must be true"; }]; - krebs.nginx.servers = mapAttrs' (name: server: - nameValuePair("bepasty-server-${name}") + services.nginx.virtualHosts = mapAttrs ( server: (mkMerge [ server.nginx { extraConfig = '' client_max_body_size 32M; ''; - locations = [ - (nameValuePair "/" '' + locations = { + "/" = '' proxy_set_header Host $http_host; proxy_pass http://unix:${server.workDir}/gunicorn-${name}.sock; - '') - (nameValuePair "/static/" '' + ''; + "/static/" = '' alias ${bepasty}/lib/${python.libPrefix}/site-packages/bepasty/static/; - '') - ]; + ''; + }; }])) cfg.servers ; }; in -- cgit v1.2.3 From d3765adcaf2182450855bc7505dd32822da8799e Mon Sep 17 00:00:00 2001 From: makefu Date: Sat, 24 Dec 2016 23:38:39 +0100 Subject: k 3 tinc_graphs: krebs.nginx -> services.nginx --- krebs/3modules/tinc_graphs.nix | 75 ++++++++++++++++++------------------------ 1 file changed, 32 insertions(+), 43 deletions(-) (limited to 'krebs') diff --git a/krebs/3modules/tinc_graphs.nix b/krebs/3modules/tinc_graphs.nix index 26a51de00..197835e73 100644 --- a/krebs/3modules/tinc_graphs.nix +++ b/krebs/3modules/tinc_graphs.nix @@ -35,35 +35,28 @@ let nginx = { enable = mkEnableOption "enable tinc_graphs to be served with nginx"; - anonymous = { - server-names = mkOption { - type = with types; listOf str; - description = "hostnames which serve anonymous graphs"; - default = [ "graphs.${config.krebs.build.host.name}" ]; - }; - - listen = mkOption { - # use the type of the nginx listen option - type = with types; listOf str; - description = "listen address for anonymous graphs"; - default = [ "80" ]; - }; - + anonymous = mkOption { + type = types.attrsOf types.unspecified; + description = '' + nginx virtualHost options to be merged into the anonymous graphs + vhost entry. + ''; + }; + anonymous-domain = mkOption { + type = types.str; + description = '' + external domainname to be used for anonymous graphs + it will be used if you want to enable ACME + ''; + default = "graphs.krebsco.de"; }; - complete = { - server-names = mkOption { - type = with types; listOf str; - description = "hostname which serves complete graphs"; - default = [ "graphs.${config.krebs.build.host.name}" ]; - }; - - listen = mkOption { - type = with types; listOf str; - description = "listen address for complete graphs"; - default = [ "127.0.0.1:80" ]; - }; - + complete = mkOption { + type = types.attrsOf types.unspecified; + description = '' + nginx virtualHost options to be merged into the complete graphs + vhost entry. + ''; }; }; @@ -134,24 +127,20 @@ let uid = genid "tinc_graphs"; home = "/var/spool/tinc_graphs"; }; - krebs.nginx = mkIf cfg.nginx.enable { + services.nginx = mkIf cfg.nginx.enable { enable = mkDefault true; - servers = { + virtualHosts = { tinc_graphs_complete = mkMerge [ cfg.nginx.complete { - locations = [ - (nameValuePair "/" '' - autoindex on; - root ${internal_dir}; - '') - ]; - }] ; - tinc_graphs_anonymous = mkMerge [ cfg.nginx.anonymous { - locations = [ - (nameValuePair "/" '' - autoindex on; - root ${external_dir}; - '') - ]; + locations = { + "/".extraConfig = "autoindex on;"; + "/".root = internal_dir; + }; + }]; + "${cfg.nginx.anonymous-domain}" = mkMerge [ cfg.nginx.anonymous { + locations = { + "/".extraConfig = "autoindex on;"; + "/".root = external_dir; + }; }]; }; }; -- cgit v1.2.3 From 3682e60aee26578f3163920b9feab641b21f5e5c Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 25 Dec 2016 00:21:54 +0100 Subject: k 3 bepasty-server: finish krebs.nginx -> servers.nginx --- krebs/3modules/bepasty-server.nix | 32 +++++++++++++++++--------------- 1 file changed, 17 insertions(+), 15 deletions(-) (limited to 'krebs') diff --git a/krebs/3modules/bepasty-server.nix b/krebs/3modules/bepasty-server.nix index 73d734237..4e035e725 100644 --- a/krebs/3modules/bepasty-server.nix +++ b/krebs/3modules/bepasty-server.nix @@ -48,6 +48,7 @@ let default = ""; }; + # we create a wsgi socket in $workDir/gunicorn-${name}.wsgi workDir = mkOption { type = types.str; @@ -155,21 +156,22 @@ let assertions = [{ assertion = config.services.nginx.enable; message = "services.nginx.enable must be true"; }]; - services.nginx.virtualHosts = mapAttrs ( server: - (mkMerge [ server.nginx { - extraConfig = '' - client_max_body_size 32M; - ''; - locations = { - "/" = '' - proxy_set_header Host $http_host; - proxy_pass http://unix:${server.workDir}/gunicorn-${name}.sock; - ''; - "/static/" = '' - alias ${bepasty}/lib/${python.libPrefix}/site-packages/bepasty/static/; - ''; - }; - }])) cfg.servers ; + services.nginx.virtualHosts = mapAttrs ( name: server: + (mkMerge [ + server.nginx + { + extraConfig = '' + client_max_body_size 32M; + ''; + locations = { + "/".extraConfig = "proxy_set_header Host $http_host;"; + "/".proxyPass = "http://unix:${server.workDir}/gunicorn-${name}.sock"; + "/static/".extraConfig = '' + alias ${bepasty}/lib/${python.libPrefix}/site-packages/bepasty/static/; + ''; + }; + }]) + ) cfg.servers ; }; in out -- cgit v1.2.3