summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authormakefu <github@syntax-fehler.de>2015-11-27 23:10:44 +0100
committermakefu <github@syntax-fehler.de>2015-11-27 23:10:44 +0100
commitc7bb244bdf40cbcac76c23cda58e745021fa7247 (patch)
tree91967eb3721b940bc4d9795a076ad1acde4d6856
parentc7568df0e28ac34e4858b39defb5ca447c0595d3 (diff)
m 1 gum: provides mattermost via docker container
-rw-r--r--krebs/3modules/makefu/default.nix2
-rw-r--r--makefu/1systems/gum.nix9
-rw-r--r--makefu/2configs/mattermost-docker.nix47
3 files changed, 56 insertions, 2 deletions
diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix
index 652527da2..037abbdfd 100644
--- a/krebs/3modules/makefu/default.nix
+++ b/krebs/3modules/makefu/default.nix
@@ -245,6 +245,8 @@ with lib;
extraZones = {
"krebsco.de" = ''
share.euer IN A ${head nets.internet.addrs4}
+ mattermost.euer IN A ${head nets.internet.addrs4}
+ git.euer IN A ${head nets.internet.addrs4}
gum IN A ${head nets.internet.addrs4}
'';
};
diff --git a/makefu/1systems/gum.nix b/makefu/1systems/gum.nix
index 63ad18339..46bf3a970 100644
--- a/makefu/1systems/gum.nix
+++ b/makefu/1systems/gum.nix
@@ -13,14 +13,20 @@ in {
../2configs/fs/single-partition-ext4.nix
# ../2configs/iodined.nix
../2configs/git/cgit-retiolum.nix
-
+ ../2configs/mattermost-docker.nix
];
+
+
+ ###### stable
krebs.build.target = "root@gum.krebsco.de";
krebs.build.host = config.krebs.hosts.gum;
+
+
# Chat
environment.systemPackages = with pkgs;[
weechat
+ get
];
services.bitlbee.enable = true;
@@ -30,7 +36,6 @@ in {
boot.kernelModules = [ "kvm-intel" ];
# Network
-
services.udev.extraRules = ''
SUBSYSTEM=="net", ATTR{address}=="c8:0a:a9:c8:ee:dd", NAME="et0"
'';
diff --git a/makefu/2configs/mattermost-docker.nix b/makefu/2configs/mattermost-docker.nix
new file mode 100644
index 000000000..20a93dff1
--- /dev/null
+++ b/makefu/2configs/mattermost-docker.nix
@@ -0,0 +1,47 @@
+{config, lib, ...}:
+
+with lib;
+let
+ sec = toString <secrets>;
+ ssl_cert = "${sec}/wildcard.krebsco.de.crt";
+ ssl_key = "${sec}/wildcard.krebsco.de.key";
+in {
+ # mattermost docker config and deployment guide: git.euer.krebsco.de
+ virtualisation.docker.enable = true;
+ users.extraUsers.${config.krebs.build.user.name}.extraGroups = [ "docker" ];
+ krebs.nginx = {
+ enable = true;
+ servers.mattermost = {
+ listen = [ "80" "443 ssl" ];
+ server-names = [ "mattermost.euer.krebsco.de" ];
+ extraConfig = ''
+ gzip on;
+ gzip_buffers 4 32k;
+ gzip_types text/plain application/x-javascript text/css;
+ ssl_certificate ${ssl_cert};
+ ssl_certificate_key ${ssl_key};
+ default_type text/plain;
+
+ if ($scheme = http){
+ return 301 https://$server_name$request_uri;
+ }
+
+ client_max_body_size 4G;
+ keepalive_timeout 10;
+
+ '';
+ locations = [
+ (nameValuePair "/" ''
+ proxy_http_version 1.1;
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection "upgrade";
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_redirect off;
+ proxy_pass http://localhost:8065/;
+ '')
+ ];
+ };
+ };
+}