diff options
author | makefu <github@syntax-fehler.de> | 2015-11-27 23:10:44 +0100 |
---|---|---|
committer | makefu <github@syntax-fehler.de> | 2015-11-27 23:10:44 +0100 |
commit | c7bb244bdf40cbcac76c23cda58e745021fa7247 (patch) | |
tree | 91967eb3721b940bc4d9795a076ad1acde4d6856 | |
parent | c7568df0e28ac34e4858b39defb5ca447c0595d3 (diff) |
m 1 gum: provides mattermost via docker container
-rw-r--r-- | krebs/3modules/makefu/default.nix | 2 | ||||
-rw-r--r-- | makefu/1systems/gum.nix | 9 | ||||
-rw-r--r-- | makefu/2configs/mattermost-docker.nix | 47 |
3 files changed, 56 insertions, 2 deletions
diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index 652527da2..037abbdfd 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -245,6 +245,8 @@ with lib; extraZones = { "krebsco.de" = '' share.euer IN A ${head nets.internet.addrs4} + mattermost.euer IN A ${head nets.internet.addrs4} + git.euer IN A ${head nets.internet.addrs4} gum IN A ${head nets.internet.addrs4} ''; }; diff --git a/makefu/1systems/gum.nix b/makefu/1systems/gum.nix index 63ad18339..46bf3a970 100644 --- a/makefu/1systems/gum.nix +++ b/makefu/1systems/gum.nix @@ -13,14 +13,20 @@ in { ../2configs/fs/single-partition-ext4.nix # ../2configs/iodined.nix ../2configs/git/cgit-retiolum.nix - + ../2configs/mattermost-docker.nix ]; + + + ###### stable krebs.build.target = "root@gum.krebsco.de"; krebs.build.host = config.krebs.hosts.gum; + + # Chat environment.systemPackages = with pkgs;[ weechat + get ]; services.bitlbee.enable = true; @@ -30,7 +36,6 @@ in { boot.kernelModules = [ "kvm-intel" ]; # Network - services.udev.extraRules = '' SUBSYSTEM=="net", ATTR{address}=="c8:0a:a9:c8:ee:dd", NAME="et0" ''; diff --git a/makefu/2configs/mattermost-docker.nix b/makefu/2configs/mattermost-docker.nix new file mode 100644 index 000000000..20a93dff1 --- /dev/null +++ b/makefu/2configs/mattermost-docker.nix @@ -0,0 +1,47 @@ +{config, lib, ...}: + +with lib; +let + sec = toString <secrets>; + ssl_cert = "${sec}/wildcard.krebsco.de.crt"; + ssl_key = "${sec}/wildcard.krebsco.de.key"; +in { + # mattermost docker config and deployment guide: git.euer.krebsco.de + virtualisation.docker.enable = true; + users.extraUsers.${config.krebs.build.user.name}.extraGroups = [ "docker" ]; + krebs.nginx = { + enable = true; + servers.mattermost = { + listen = [ "80" "443 ssl" ]; + server-names = [ "mattermost.euer.krebsco.de" ]; + extraConfig = '' + gzip on; + gzip_buffers 4 32k; + gzip_types text/plain application/x-javascript text/css; + ssl_certificate ${ssl_cert}; + ssl_certificate_key ${ssl_key}; + default_type text/plain; + + if ($scheme = http){ + return 301 https://$server_name$request_uri; + } + + client_max_body_size 4G; + keepalive_timeout 10; + + ''; + locations = [ + (nameValuePair "/" '' + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_redirect off; + proxy_pass http://localhost:8065/; + '') + ]; + }; + }; +} |