makefu/2configs/deployment/boot-euer.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27

{ config, lib, pkgs, ... }:
# more than just nginx config but not enough to become a module
with import <stockholm/lib>;
let
  hostname = config.krebs.build.host.name;
  bootscript = pkgs.writeTextDir "runit" ''
    set -euf
    cd /root
    mkdir -p .ssh
    echo "${config.krebs.users.makefu.pubkey}" > .ssh/authorized_keys
    chmod 700 -R .ssh
    systemctl restart sshd
  '';
in {

  services.nginx = {
    enable = mkDefault true;
    virtualHosts."boot.euer.krebsco.de" = {
      forceSSL = true;
      enableACME = true;
      locations."/" = {
        root = bootscript;
        index = "runit";
      };
    };
  };
}