summaryrefslogtreecommitdiffstats
path: root/makefu/2configs/nginx
diff options
context:
space:
mode:
Diffstat (limited to 'makefu/2configs/nginx')
-rw-r--r--makefu/2configs/nginx/dl.euer.krebsco.de.nix23
-rw-r--r--makefu/2configs/nginx/euer.blog.nix44
-rw-r--r--makefu/2configs/nginx/euer.mon.nix42
-rw-r--r--makefu/2configs/nginx/euer.test.nix24
-rw-r--r--makefu/2configs/nginx/euer.wiki.nix108
-rw-r--r--makefu/2configs/nginx/gold.krebsco.de.nix24
-rw-r--r--makefu/2configs/nginx/gum.krebsco.de.nix21
-rw-r--r--makefu/2configs/nginx/icecult.nix26
-rw-r--r--makefu/2configs/nginx/iso.euer.nix43
-rw-r--r--makefu/2configs/nginx/misa-felix-hochzeit.ml.nix16
-rw-r--r--makefu/2configs/nginx/public_html.nix18
-rw-r--r--makefu/2configs/nginx/rompr.nix75
-rw-r--r--makefu/2configs/nginx/update.connector.one.nix20
13 files changed, 0 insertions, 484 deletions
diff --git a/makefu/2configs/nginx/dl.euer.krebsco.de.nix b/makefu/2configs/nginx/dl.euer.krebsco.de.nix
deleted file mode 100644
index e31d355a..00000000
--- a/makefu/2configs/nginx/dl.euer.krebsco.de.nix
+++ /dev/null
@@ -1,23 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-{
- users.groups.download.members = [ "nginx" ];
- services.nginx = {
- enable = lib.mkDefault true;
- recommendedGzipSettings = true;
- recommendedOptimisation = true;
- virtualHosts."dl.euer.krebsco.de" = {
- root = config.makefu.dl-dir;
- extraConfig = "autoindex on;";
- forceSSL = true;
- enableACME = true;
- basicAuth = import <secrets/dl.euer.krebsco.de-auth.nix>;
- };
- virtualHosts."dl.gum.r" = {
- serverAliases = [ "dl.gum" "dl.makefu.r" "dl.makefu" ];
- root = config.makefu.dl-dir;
- extraConfig = "autoindex on;";
- basicAuth = import <secrets/dl.gum-auth.nix>;
- };
- };
-}
diff --git a/makefu/2configs/nginx/euer.blog.nix b/makefu/2configs/nginx/euer.blog.nix
deleted file mode 100644
index 24696adf..00000000
--- a/makefu/2configs/nginx/euer.blog.nix
+++ /dev/null
@@ -1,44 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with import <stockholm/lib>;
-let
- sec = toString <secrets>;
- hostname = config.krebs.build.host.name;
- user = config.services.nginx.user;
- group = config.services.nginx.group;
- base-dir = "/var/www/blog.euer";
-in {
- # Prepare Blog directory
- systemd.services.prepare-euer-blog = {
- wantedBy = [ "local-fs.target" ];
- before = [ "nginx.service" ];
- serviceConfig = {
- # do nothing if the base dir already exists
- ExecStart = pkgs.writeScript "prepare-euer-blog-service" ''
- #!/bin/sh
- if ! test -d "${base-dir}" ;then
- mkdir -p "${base-dir}"
- chown ${user}:${group} "${base-dir}"
- chmod 700 "${base-dir}"
- fi
- '';
- Type = "oneshot";
- RemainAfterExit = "yes";
- TimeoutSec = "0";
- };
- };
-
- services.nginx = {
- enable = mkDefault true;
- virtualHosts = {
- "euer.krebsco.de" = {
- #serverAliases = [ "blog.euer.krebsco.de" "blog.${hostname}" ];
- enableACME = true;
- forceSSL = true;
- default = true;
- root = base-dir;
- };
- };
- };
- state = [ base-dir ];
-}
diff --git a/makefu/2configs/nginx/euer.mon.nix b/makefu/2configs/nginx/euer.mon.nix
deleted file mode 100644
index c9db15b7..00000000
--- a/makefu/2configs/nginx/euer.mon.nix
+++ /dev/null
@@ -1,42 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with import <stockholm/lib>;
-let
- hostname = config.krebs.build.host.name;
- user = config.services.nginx.user;
- group = config.services.nginx.group;
- external-ip = config.krebs.build.host.nets.internet.ip4.addr;
- internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr;
-in {
- services.nginx = {
- enable = mkDefault true;
- virtualHosts."mon.euer.krebsco.de" = let
- # flesh_wrap
- authFile = pkgs.writeText "influx.conf" ''
- user:$apr1$ZG9oQCum$FhtIe/cl3jf8Sa4zq/BWd1
- '';
- in {
- forceSSL = true;
- enableACME = true;
- locations."/" = {
- proxyPass = "http://wbob.r:3000/";
- extraConfig = ''
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- '';
- };
- locations."/influxdb/" = {
- proxyPass = "http://wbob.r:8086/";
- extraConfig = ''
- auth_basic "Needs Autherization to visit";
- auth_basic_user_file ${authFile};
- proxy_http_version 1.1;
- proxy_set_header Host $host;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_redirect off;
- '';
- };
- };
- };
-}
diff --git a/makefu/2configs/nginx/euer.test.nix b/makefu/2configs/nginx/euer.test.nix
deleted file mode 100644
index 40c37613..00000000
--- a/makefu/2configs/nginx/euer.test.nix
+++ /dev/null
@@ -1,24 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with import <stockholm/lib>;
-let
- hostname = config.krebs.build.host.name;
- user = config.services.nginx.user;
- group = config.services.nginx.group;
- external-ip = config.krebs.build.host.nets.internet.ip4.addr;
- internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr;
-in {
- services.nginx = {
- enable = mkDefault true;
- virtualHosts."share.euer.krebsco.de" = {
- locations."/" = {
- proxyPass = "http://localhost:8000/";
- extraConfig = ''
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- '';
- };
- };
- };
-}
diff --git a/makefu/2configs/nginx/euer.wiki.nix b/makefu/2configs/nginx/euer.wiki.nix
deleted file mode 100644
index 2f44d8cc..00000000
--- a/makefu/2configs/nginx/euer.wiki.nix
+++ /dev/null
@@ -1,108 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with import <stockholm/lib>;
-let
- sec = toString <secrets>;
- ext-dom = "wiki.euer.krebsco.de";
-
- user = config.services.nginx.user;
- group = config.services.nginx.group;
- fpm-socket = "/var/run/php5-fpm.sock";
- hostname = config.krebs.build.host.name;
- tw-upload = pkgs.tw-upload-plugin;
- base-dir = "/var/www/wiki.euer";
- base-cfg = "${base-dir}/twconf.ini";
- wiki-dir = "${base-dir}/store/";
- backup-dir = "${base-dir}/backup/";
- # contains:
- # user1 = pass1
- # userN = passN
- # afterwards put /var/www/<ext-dom>/user1.html as tiddlywiki
- tw-pass-file = "${sec}/tw-pass.ini";
-
-in {
- state = [ base-dir ];
- services.phpfpm = {
- pools.euer-wiki = {
- inherit user group;
- listen = fpm-socket;
- settings = {
- "listen.owner" = user;
- "pm" = "dynamic";
- "pm.max_children" = 5;
- "pm.start_servers" = 2;
- "pm.min_spare_servers" = 1;
- "pm.max_spare_servers" = 3;
- "chdir" = "/";
- "php_admin_value[error_log]" = "stderr";
- "php_admin_flag[log_errors]" = "on";
- "catch_workers_output" = "yes";
-
- };
- phpEnv.twconf = base-cfg;
- };
- };
-
- systemd.services.prepare-tw = {
- wantedBy = [ "local-fs.target" ];
- before = [ "phpfpm.service" "nginx.service" ];
- serviceConfig = {
- ExecStart = pkgs.writeScript "prepare-tw-service" ''
- #!/bin/sh
- if ! test -d "${base-dir}" ;then
- mkdir -p "${wiki-dir}" "${backup-dir}"
-
- # write the base configuration
- cat > "${base-cfg}" <<EOF
- [users]
- $(cat "${tw-pass-file}")
- [directories]
- backupdir = ${backup-dir}
- savedir = ${wiki-dir}
- EOF
-
- chown -R ${user}:${group} "${base-dir}"
- chmod 700 -R "${base-dir}"
- fi
- '';
- Type = "oneshot";
- RemainAfterExit = "yes";
- TimeoutSec = "0";
- };
- };
-
- services.nginx = {
- enable = mkDefault true;
- recommendedGzipSettings = true;
- virtualHosts = {
- "${ext-dom}" = {
- #serverAliases = [
- # "wiki.makefu.r"
- # "wiki.makefu"
- #];
- forceSSL = true;
- enableACME = true;
- locations = {
- "/" = {
- root = wiki-dir;
- index = "makefu.html";
- extraConfig = ''
- expires -1;
- autoindex on;
- '';
- };
- "/store.php" = {
- root = tw-upload;
- extraConfig = ''
- client_max_body_size 200M;
- fastcgi_split_path_info ^(.+\.php)(/.+)$;
- fastcgi_pass unix:${fpm-socket};
- include ${pkgs.nginx}/conf/fastcgi_params;
- include ${pkgs.nginx}/conf/fastcgi.conf;
- '';
- };
- };
- };
- };
- };
-}
diff --git a/makefu/2configs/nginx/gold.krebsco.de.nix b/makefu/2configs/nginx/gold.krebsco.de.nix
deleted file mode 100644
index 083c0f8d..00000000
--- a/makefu/2configs/nginx/gold.krebsco.de.nix
+++ /dev/null
@@ -1,24 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with import <stockholm/lib>;
-let
- gold = pkgs.fetchFromGitHub {
- owner = "krebs";
- repo = "krebsgold";
- rev = "15f7a74";
- sha256= "1ya9xgg640k3hbl63022sfm44c1si2mxch8jkxindmwg4pa1y4ly";
- };
-in {
-
- services.nginx = {
- enable = mkDefault true;
- virtualHosts = {
- "gold.krebsco.de" = {
- enableACME = true;
- forceSSL = true;
- root = toString gold + "/html";
- };
- };
- };
-}
-
diff --git a/makefu/2configs/nginx/gum.krebsco.de.nix b/makefu/2configs/nginx/gum.krebsco.de.nix
deleted file mode 100644
index 3e96e682..00000000
--- a/makefu/2configs/nginx/gum.krebsco.de.nix
+++ /dev/null
@@ -1,21 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with import <stockholm/lib>;
-let
-in {
- services.nginx = {
- enable = mkDefault true;
- virtualHosts."gum.krebsco.de" = {
- forceSSL = true;
- enableACME = true;
- locations."/" = {
- # proxyPass = "http://localhost:8000/";
- # extraConfig = ''
- # proxy_set_header Host $host;
- # proxy_set_header X-Real-IP $remote_addr;
- # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- # '';
- };
- };
- };
-}
diff --git a/makefu/2configs/nginx/icecult.nix b/makefu/2configs/nginx/icecult.nix
deleted file mode 100644
index e817e55d..00000000
--- a/makefu/2configs/nginx/icecult.nix
+++ /dev/null
@@ -1,26 +0,0 @@
-{ config, pkgs, lib, ... }:
-
-with import <stockholm/lib>;
-
-let
- icecult = pkgs.fetchFromGitHub {
- owner = "kraiz";
- repo = "icecult";
- rev = "1942d43381a97f30111a48725f7532c343a6f4d7";
- sha256 = "0l8q7kw3w1kpvmy8hza9vr5liiycivbljkmwpacaifbay5y98z58";
- };
-in{
- services.nginx = {
- enable = true;
- virtualHosts.default = {
- root = "${icecult}/app";
- locations = {
- "/rpc".proxyPass = "http://10.42.22.163:3121";
- "/rpc".extraConfig = ''
- rewrite /rpc/(.*) /$1 break;
- proxy_http_version 1.1;
- '';
- };
- };
- };
-}
diff --git a/makefu/2configs/nginx/iso.euer.nix b/makefu/2configs/nginx/iso.euer.nix
deleted file mode 100644
index 701609d4..00000000
--- a/makefu/2configs/nginx/iso.euer.nix
+++ /dev/null
@@ -1,43 +0,0 @@
-{ config, pkgs, ... }:
-let
- system = builtins.currentSystem; #we can also build for other platforms
- iso = (import <nixpkgs/nixos/lib/eval-config.nix>
- { inherit system;
- modules = [ ../../1systems/iso/config.nix ]; }
-
- );
- image = iso.config.system.build.isoImage;
- name = iso.config.isoImage.isoName;
-
- drivedroid-cfg = builtins.toJSON [{
- id = "stockholm";
- imageUrl = http://krebsco.de/krebs-v2.png;
- name = "stockholm";
- tags = [ "hybrid" ];
- url = http://krebsco.de;
- releases = [
- { version = iso.config.system.nixos.label;
- url = "/stockholm.iso";
- arch = system; }
- ];
- # size = TODO;
- }];
- web = pkgs.linkFarm "web" [{
- name = "drivedroid.json";
- path = pkgs.writeText "drivedroid.json" drivedroid-cfg; }
- { name = "stockholm.iso";
- path = "${image}/iso/${name}"; }
- ];
-in
-{
- services.nginx = {
- virtualHosts = {
- "iso.euer.krebsco.de" = {
- enableACME = true;
- forceSSL = true;
- root = web;
- locations."/".index = "drivedroid.json";
- };
- };
- };
-}
diff --git a/makefu/2configs/nginx/misa-felix-hochzeit.ml.nix b/makefu/2configs/nginx/misa-felix-hochzeit.ml.nix
deleted file mode 100644
index c8a5ae70..00000000
--- a/makefu/2configs/nginx/misa-felix-hochzeit.ml.nix
+++ /dev/null
@@ -1,16 +0,0 @@
-{ config, lib, pkgs, ... }:
-{
- services.nginx = {
- enable = lib.mkDefault true;
- virtualHosts."misa-felix.ml" = {
- #forceSSL = true;
- #enableACME = true;
- locations = {
- "/" = {
- index = "index.html";
- root = "/var/www/misa-felix-hochzeit.ml";
- };
- };
- };
- };
-}
diff --git a/makefu/2configs/nginx/public_html.nix b/makefu/2configs/nginx/public_html.nix
deleted file mode 100644
index 676d1f11..00000000
--- a/makefu/2configs/nginx/public_html.nix
+++ /dev/null
@@ -1,18 +0,0 @@
-{ config, lib, ... }:
-
-with import <stockholm/lib>;
-
-{
- services.nginx = {
- enable = true;
- virtualHosts.default = {
- default = true;
- locations = {
- "~ ^/~(.+?)(/.*)?\$".extraConfig = ''
- alias /home/$1/public_html$2;
- autoindex on;
- '';
- };
- };
- };
-}
diff --git a/makefu/2configs/nginx/rompr.nix b/makefu/2configs/nginx/rompr.nix
deleted file mode 100644
index c7dc3ff1..00000000
--- a/makefu/2configs/nginx/rompr.nix
+++ /dev/null
@@ -1,75 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with import <stockholm/lib>;
-let
- user = config.services.nginx.user;
- group = config.services.nginx.group;
- src = pkgs.fetchFromGitHub {
- owner = "fatg3erman";
- repo = "RompR";
- rev = "1.21";
- sha256 = "00gk2c610qgpsb6y296h9pz2aaa6gfq4cqhn15l7fdrk3lkvh01q";
- };
- fpm-socket = "/var/run/php5-rompr-fpm.sock";
- mpd-src = "/var/lib/rompr";
-
-in {
- services.phpfpm = {
- poolConfigs = {
- mpd = ''
- user = ${user}
- group = ${group}
- listen = ${fpm-socket}
- listen.owner = ${user}
- listen.group = ${group}
- pm = dynamic
- pm.max_children = 5
- pm.start_servers = 2
- pm.min_spare_servers = 1
- pm.max_spare_servers = 3
- chdir = /
- php_admin_value[error_log] = 'stderr'
- php_admin_flag[log_errors] = on
- catch_workers_output = yes
- '';
- };
- };
- # TODO: Pre-job
- # TODO: prefs.var could be templated (serialized php ...) then we would not
- # need to have a state dir at all
- system.activationScripts.rompr = ''
- mkdir -p ${mpd-src}
- cp -r ${src}/. ${mpd-src}
- chown -R ${user}:${group} ${mpd-src}
- chmod 770 ${mpd-src}
- '';
- services.nginx = {
- enable = mkDefault true;
- virtualHosts = {
- "localhost" = {
- root = mpd-src;
- locations."/".index = "index.php";
- locations."~ \.php$" = {
- root = mpd-src;
- extraConfig = ''
- client_max_body_size 200M;
- fastcgi_pass unix:${fpm-socket};
- include ${pkgs.nginx}/conf/fastcgi_params;
- include ${pkgs.nginx}/conf/fastcgi.conf;
- fastcgi_index index.php;
- try_files $uri =404;
- '';
- };
- };
- };
- };
- services.mysql = {
- enable = true;
- package = pkgs.mariadb;
- ensureDatabases = [ "romprdb" ];
- ensureUsers = [
- { ensurePermissions = { "romprdb.*" = "ALL PRIVILEGES"; };
- name = user; }
- ];
- };
-}
diff --git a/makefu/2configs/nginx/update.connector.one.nix b/makefu/2configs/nginx/update.connector.one.nix
deleted file mode 100644
index 44345dcd..00000000
--- a/makefu/2configs/nginx/update.connector.one.nix
+++ /dev/null
@@ -1,20 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with import <stockholm/lib>;
-{
- services.nginx = {
- enable = mkDefault true;
- virtualHosts."update.connector.one" = {
- locations = {
- "/" = {
- root = "/var/www/update.connector.one";
- extraConfig = ''
- autoindex on;
- sendfile on;
- gzip on;
- '';
- };
- };
- };
- };
-}
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-05 18:13:36 +0000