From 060a8f28fa1fc648bdf66afb31a5d1efac868837 Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 28 Jul 2023 22:24:15 +0200 Subject: makefu: move out to own repo, add vacation-note --- makefu/2configs/nginx/dl.euer.krebsco.de.nix | 23 ----- makefu/2configs/nginx/euer.blog.nix | 44 --------- makefu/2configs/nginx/euer.mon.nix | 42 --------- makefu/2configs/nginx/euer.test.nix | 24 ----- makefu/2configs/nginx/euer.wiki.nix | 110 ----------------------- makefu/2configs/nginx/gold.krebsco.de.nix | 24 ----- makefu/2configs/nginx/gum.krebsco.de.nix | 21 ----- makefu/2configs/nginx/icecult.nix | 26 ------ makefu/2configs/nginx/iso.euer.nix | 43 --------- makefu/2configs/nginx/misa-felix-hochzeit.ml.nix | 16 ---- makefu/2configs/nginx/music.euer.nix | 26 ------ makefu/2configs/nginx/public_html.nix | 18 ---- makefu/2configs/nginx/rompr.nix | 75 ---------------- makefu/2configs/nginx/update.connector.one.nix | 20 ----- 14 files changed, 512 deletions(-) delete mode 100644 makefu/2configs/nginx/dl.euer.krebsco.de.nix delete mode 100644 makefu/2configs/nginx/euer.blog.nix delete mode 100644 makefu/2configs/nginx/euer.mon.nix delete mode 100644 makefu/2configs/nginx/euer.test.nix delete mode 100644 makefu/2configs/nginx/euer.wiki.nix delete mode 100644 makefu/2configs/nginx/gold.krebsco.de.nix delete mode 100644 makefu/2configs/nginx/gum.krebsco.de.nix delete mode 100644 makefu/2configs/nginx/icecult.nix delete mode 100644 makefu/2configs/nginx/iso.euer.nix delete mode 100644 makefu/2configs/nginx/misa-felix-hochzeit.ml.nix delete mode 100644 makefu/2configs/nginx/music.euer.nix delete mode 100644 makefu/2configs/nginx/public_html.nix delete mode 100644 makefu/2configs/nginx/rompr.nix delete mode 100644 makefu/2configs/nginx/update.connector.one.nix (limited to 'makefu/2configs/nginx') diff --git a/makefu/2configs/nginx/dl.euer.krebsco.de.nix b/makefu/2configs/nginx/dl.euer.krebsco.de.nix deleted file mode 100644 index e31d355a..00000000 --- a/makefu/2configs/nginx/dl.euer.krebsco.de.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - users.groups.download.members = [ "nginx" ]; - services.nginx = { - enable = lib.mkDefault true; - recommendedGzipSettings = true; - recommendedOptimisation = true; - virtualHosts."dl.euer.krebsco.de" = { - root = config.makefu.dl-dir; - extraConfig = "autoindex on;"; - forceSSL = true; - enableACME = true; - basicAuth = import ; - }; - virtualHosts."dl.gum.r" = { - serverAliases = [ "dl.gum" "dl.makefu.r" "dl.makefu" ]; - root = config.makefu.dl-dir; - extraConfig = "autoindex on;"; - basicAuth = import ; - }; - }; -} diff --git a/makefu/2configs/nginx/euer.blog.nix b/makefu/2configs/nginx/euer.blog.nix deleted file mode 100644 index 24696adf..00000000 --- a/makefu/2configs/nginx/euer.blog.nix +++ /dev/null @@ -1,44 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import ; -let - sec = toString ; - hostname = config.krebs.build.host.name; - user = config.services.nginx.user; - group = config.services.nginx.group; - base-dir = "/var/www/blog.euer"; -in { - # Prepare Blog directory - systemd.services.prepare-euer-blog = { - wantedBy = [ "local-fs.target" ]; - before = [ "nginx.service" ]; - serviceConfig = { - # do nothing if the base dir already exists - ExecStart = pkgs.writeScript "prepare-euer-blog-service" '' - #!/bin/sh - if ! test -d "${base-dir}" ;then - mkdir -p "${base-dir}" - chown ${user}:${group} "${base-dir}" - chmod 700 "${base-dir}" - fi - ''; - Type = "oneshot"; - RemainAfterExit = "yes"; - TimeoutSec = "0"; - }; - }; - - services.nginx = { - enable = mkDefault true; - virtualHosts = { - "euer.krebsco.de" = { - #serverAliases = [ "blog.euer.krebsco.de" "blog.${hostname}" ]; - enableACME = true; - forceSSL = true; - default = true; - root = base-dir; - }; - }; - }; - state = [ base-dir ]; -} diff --git a/makefu/2configs/nginx/euer.mon.nix b/makefu/2configs/nginx/euer.mon.nix deleted file mode 100644 index c9db15b7..00000000 --- a/makefu/2configs/nginx/euer.mon.nix +++ /dev/null @@ -1,42 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import ; -let - hostname = config.krebs.build.host.name; - user = config.services.nginx.user; - group = config.services.nginx.group; - external-ip = config.krebs.build.host.nets.internet.ip4.addr; - internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr; -in { - services.nginx = { - enable = mkDefault true; - virtualHosts."mon.euer.krebsco.de" = let - # flesh_wrap - authFile = pkgs.writeText "influx.conf" '' - user:$apr1$ZG9oQCum$FhtIe/cl3jf8Sa4zq/BWd1 - ''; - in { - forceSSL = true; - enableACME = true; - locations."/" = { - proxyPass = "http://wbob.r:3000/"; - extraConfig = '' - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - ''; - }; - locations."/influxdb/" = { - proxyPass = "http://wbob.r:8086/"; - extraConfig = '' - auth_basic "Needs Autherization to visit"; - auth_basic_user_file ${authFile}; - proxy_http_version 1.1; - proxy_set_header Host $host; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_redirect off; - ''; - }; - }; - }; -} diff --git a/makefu/2configs/nginx/euer.test.nix b/makefu/2configs/nginx/euer.test.nix deleted file mode 100644 index 40c37613..00000000 --- a/makefu/2configs/nginx/euer.test.nix +++ /dev/null @@ -1,24 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import ; -let - hostname = config.krebs.build.host.name; - user = config.services.nginx.user; - group = config.services.nginx.group; - external-ip = config.krebs.build.host.nets.internet.ip4.addr; - internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr; -in { - services.nginx = { - enable = mkDefault true; - virtualHosts."share.euer.krebsco.de" = { - locations."/" = { - proxyPass = "http://localhost:8000/"; - extraConfig = '' - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - ''; - }; - }; - }; -} diff --git a/makefu/2configs/nginx/euer.wiki.nix b/makefu/2configs/nginx/euer.wiki.nix deleted file mode 100644 index a925b9f7..00000000 --- a/makefu/2configs/nginx/euer.wiki.nix +++ /dev/null @@ -1,110 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import ; -let - sec = toString ; - ext-dom = "wiki.euer.krebsco.de"; - - user = config.services.nginx.user; - group = config.services.nginx.group; - fpm-socket = "/var/run/php5-fpm.sock"; - hostname = config.krebs.build.host.name; - tw-upload = pkgs.tw-upload-plugin; - base-dir = "/var/www/wiki.euer"; - base-cfg = "${base-dir}/twconf.ini"; - wiki-dir = "${base-dir}/store/"; - backup-dir = "${base-dir}/backup/"; - # contains: - # user1 = pass1 - # userN = passN - # afterwards put /var/www//user1.html as tiddlywiki - tw-pass-file = "${sec}/tw-pass.ini"; - -in { - state = [ base-dir ]; - # hotfix for broken wiki after reboot - systemd.services."phpfpm-euer-wiki".serviceConfig.RequiresMountFor = [ "/media/cloud" ]; - services.phpfpm = { - pools.euer-wiki = { - inherit user group; - listen = fpm-socket; - settings = { - "listen.owner" = user; - "pm" = "dynamic"; - "pm.max_children" = 5; - "pm.start_servers" = 2; - "pm.min_spare_servers" = 1; - "pm.max_spare_servers" = 3; - "chdir" = "/"; - "php_admin_value[error_log]" = "stderr"; - "php_admin_flag[log_errors]" = "on"; - "catch_workers_output" = "yes"; - - }; - phpEnv.twconf = base-cfg; - }; - }; - - systemd.services.prepare-tw = { - wantedBy = [ "local-fs.target" ]; - before = [ "phpfpm.service" "nginx.service" ]; - serviceConfig = { - ExecStart = pkgs.writeScript "prepare-tw-service" '' - #!/bin/sh - if ! test -d "${base-dir}" ;then - mkdir -p "${wiki-dir}" "${backup-dir}" - - # write the base configuration - cat > "${base-cfg}" <; -let - gold = pkgs.fetchFromGitHub { - owner = "krebs"; - repo = "krebsgold"; - rev = "15f7a74"; - sha256= "1ya9xgg640k3hbl63022sfm44c1si2mxch8jkxindmwg4pa1y4ly"; - }; -in { - - services.nginx = { - enable = mkDefault true; - virtualHosts = { - "gold.krebsco.de" = { - enableACME = true; - forceSSL = true; - root = toString gold + "/html"; - }; - }; - }; -} - diff --git a/makefu/2configs/nginx/gum.krebsco.de.nix b/makefu/2configs/nginx/gum.krebsco.de.nix deleted file mode 100644 index 3e96e682..00000000 --- a/makefu/2configs/nginx/gum.krebsco.de.nix +++ /dev/null @@ -1,21 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import ; -let -in { - services.nginx = { - enable = mkDefault true; - virtualHosts."gum.krebsco.de" = { - forceSSL = true; - enableACME = true; - locations."/" = { - # proxyPass = "http://localhost:8000/"; - # extraConfig = '' - # proxy_set_header Host $host; - # proxy_set_header X-Real-IP $remote_addr; - # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - # ''; - }; - }; - }; -} diff --git a/makefu/2configs/nginx/icecult.nix b/makefu/2configs/nginx/icecult.nix deleted file mode 100644 index e817e55d..00000000 --- a/makefu/2configs/nginx/icecult.nix +++ /dev/null @@ -1,26 +0,0 @@ -{ config, pkgs, lib, ... }: - -with import ; - -let - icecult = pkgs.fetchFromGitHub { - owner = "kraiz"; - repo = "icecult"; - rev = "1942d43381a97f30111a48725f7532c343a6f4d7"; - sha256 = "0l8q7kw3w1kpvmy8hza9vr5liiycivbljkmwpacaifbay5y98z58"; - }; -in{ - services.nginx = { - enable = true; - virtualHosts.default = { - root = "${icecult}/app"; - locations = { - "/rpc".proxyPass = "http://10.42.22.163:3121"; - "/rpc".extraConfig = '' - rewrite /rpc/(.*) /$1 break; - proxy_http_version 1.1; - ''; - }; - }; - }; -} diff --git a/makefu/2configs/nginx/iso.euer.nix b/makefu/2configs/nginx/iso.euer.nix deleted file mode 100644 index 701609d4..00000000 --- a/makefu/2configs/nginx/iso.euer.nix +++ /dev/null @@ -1,43 +0,0 @@ -{ config, pkgs, ... }: -let - system = builtins.currentSystem; #we can also build for other platforms - iso = (import - { inherit system; - modules = [ ../../1systems/iso/config.nix ]; } - - ); - image = iso.config.system.build.isoImage; - name = iso.config.isoImage.isoName; - - drivedroid-cfg = builtins.toJSON [{ - id = "stockholm"; - imageUrl = http://krebsco.de/krebs-v2.png; - name = "stockholm"; - tags = [ "hybrid" ]; - url = http://krebsco.de; - releases = [ - { version = iso.config.system.nixos.label; - url = "/stockholm.iso"; - arch = system; } - ]; - # size = TODO; - }]; - web = pkgs.linkFarm "web" [{ - name = "drivedroid.json"; - path = pkgs.writeText "drivedroid.json" drivedroid-cfg; } - { name = "stockholm.iso"; - path = "${image}/iso/${name}"; } - ]; -in -{ - services.nginx = { - virtualHosts = { - "iso.euer.krebsco.de" = { - enableACME = true; - forceSSL = true; - root = web; - locations."/".index = "drivedroid.json"; - }; - }; - }; -} diff --git a/makefu/2configs/nginx/misa-felix-hochzeit.ml.nix b/makefu/2configs/nginx/misa-felix-hochzeit.ml.nix deleted file mode 100644 index c8a5ae70..00000000 --- a/makefu/2configs/nginx/misa-felix-hochzeit.ml.nix +++ /dev/null @@ -1,16 +0,0 @@ -{ config, lib, pkgs, ... }: -{ - services.nginx = { - enable = lib.mkDefault true; - virtualHosts."misa-felix.ml" = { - #forceSSL = true; - #enableACME = true; - locations = { - "/" = { - index = "index.html"; - root = "/var/www/misa-felix-hochzeit.ml"; - }; - }; - }; - }; -} diff --git a/makefu/2configs/nginx/music.euer.nix b/makefu/2configs/nginx/music.euer.nix deleted file mode 100644 index e866f1b0..00000000 --- a/makefu/2configs/nginx/music.euer.nix +++ /dev/null @@ -1,26 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - hostname = config.krebs.build.host.name; - user = config.services.nginx.user; - group = config.services.nginx.group; - external-ip = config.krebs.build.host.nets.internet.ip4.addr; - internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr; -in { - services.nginx = { - enable = lib.mkDefault true; - virtualHosts."music.euer.krebsco.de" = { - forceSSL = true; - enableACME = true; - locations."/" = { - proxyPass = "http://omo:4533/"; - proxyWebsockets = true; - extraConfig = '' - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - ''; - }; - }; - }; -} diff --git a/makefu/2configs/nginx/public_html.nix b/makefu/2configs/nginx/public_html.nix deleted file mode 100644 index 676d1f11..00000000 --- a/makefu/2configs/nginx/public_html.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ config, lib, ... }: - -with import ; - -{ - services.nginx = { - enable = true; - virtualHosts.default = { - default = true; - locations = { - "~ ^/~(.+?)(/.*)?\$".extraConfig = '' - alias /home/$1/public_html$2; - autoindex on; - ''; - }; - }; - }; -} diff --git a/makefu/2configs/nginx/rompr.nix b/makefu/2configs/nginx/rompr.nix deleted file mode 100644 index c7dc3ff1..00000000 --- a/makefu/2configs/nginx/rompr.nix +++ /dev/null @@ -1,75 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import ; -let - user = config.services.nginx.user; - group = config.services.nginx.group; - src = pkgs.fetchFromGitHub { - owner = "fatg3erman"; - repo = "RompR"; - rev = "1.21"; - sha256 = "00gk2c610qgpsb6y296h9pz2aaa6gfq4cqhn15l7fdrk3lkvh01q"; - }; - fpm-socket = "/var/run/php5-rompr-fpm.sock"; - mpd-src = "/var/lib/rompr"; - -in { - services.phpfpm = { - poolConfigs = { - mpd = '' - user = ${user} - group = ${group} - listen = ${fpm-socket} - listen.owner = ${user} - listen.group = ${group} - pm = dynamic - pm.max_children = 5 - pm.start_servers = 2 - pm.min_spare_servers = 1 - pm.max_spare_servers = 3 - chdir = / - php_admin_value[error_log] = 'stderr' - php_admin_flag[log_errors] = on - catch_workers_output = yes - ''; - }; - }; - # TODO: Pre-job - # TODO: prefs.var could be templated (serialized php ...) then we would not - # need to have a state dir at all - system.activationScripts.rompr = '' - mkdir -p ${mpd-src} - cp -r ${src}/. ${mpd-src} - chown -R ${user}:${group} ${mpd-src} - chmod 770 ${mpd-src} - ''; - services.nginx = { - enable = mkDefault true; - virtualHosts = { - "localhost" = { - root = mpd-src; - locations."/".index = "index.php"; - locations."~ \.php$" = { - root = mpd-src; - extraConfig = '' - client_max_body_size 200M; - fastcgi_pass unix:${fpm-socket}; - include ${pkgs.nginx}/conf/fastcgi_params; - include ${pkgs.nginx}/conf/fastcgi.conf; - fastcgi_index index.php; - try_files $uri =404; - ''; - }; - }; - }; - }; - services.mysql = { - enable = true; - package = pkgs.mariadb; - ensureDatabases = [ "romprdb" ]; - ensureUsers = [ - { ensurePermissions = { "romprdb.*" = "ALL PRIVILEGES"; }; - name = user; } - ]; - }; -} diff --git a/makefu/2configs/nginx/update.connector.one.nix b/makefu/2configs/nginx/update.connector.one.nix deleted file mode 100644 index 44345dcd..00000000 --- a/makefu/2configs/nginx/update.connector.one.nix +++ /dev/null @@ -1,20 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import ; -{ - services.nginx = { - enable = mkDefault true; - virtualHosts."update.connector.one" = { - locations = { - "/" = { - root = "/var/www/update.connector.one"; - extraConfig = '' - autoindex on; - sendfile on; - gzip on; - ''; - }; - }; - }; - }; -} -- cgit v1.2.3