summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authormakefu <github@syntax-fehler.de>2016-12-24 23:41:33 +0100
committermakefu <github@syntax-fehler.de>2016-12-24 23:41:33 +0100
commit5c727b655f3a1d1e049dd822f152fa82e9c9a8b1 (patch)
treef9c387e4fcf21a1471304c2c564e8031b4460376
parentdbd2999dc204d339dcc9cccee19af65a91a89d9e (diff)
m 1 wry: krebs.nginx -> services.nginx
-rw-r--r--makefu/1systems/wry.nix21
1 files changed, 12 insertions, 9 deletions
diff --git a/makefu/1systems/wry.nix b/makefu/1systems/wry.nix
index 17e81f793..81ee37bbe 100644
--- a/makefu/1systems/wry.nix
+++ b/makefu/1systems/wry.nix
@@ -13,7 +13,7 @@ in {
../2configs/fs/CAC-CentOS-7-64bit.nix
../2configs/save-diskspace.nix
- ../2configs/bepasty-dual.nix
+ # ../2configs/bepasty-dual.nix
../2configs/iodined.nix
../2configs/backup.nix
@@ -21,9 +21,7 @@ in {
# other nginx
../2configs/nginx/euer.wiki.nix
../2configs/nginx/euer.blog.nix
- ../2configs/nginx/euer.test.nix
-
- #../2configs/elchos/stats.nix
+ # ../2configs/nginx/euer.test.nix
# collectd
# ../2configs/collectd/collectd-base.nix
@@ -52,7 +50,7 @@ in {
krebs.bepasty.servers.external.nginx.listen = [ "${external-ip}:80" "${external-ip}:443 ssl" ];
# prepare graphs
- krebs.nginx.enable = true;
+ services.nginx.enable = true;
krebs.retiolum-bootstrap.enable = true;
krebs.tinc_graphs = {
@@ -61,12 +59,17 @@ in {
enable = true;
# TODO: remove hard-coded hostname
complete = {
- listen = [ "${internal-ip}:80" ];
- server-names = [ "graphs.wry" "graphs.retiolum" "graphs.wry.retiolum" ];
+ extraConfig = ''
+ if ( $server_addr = "${external-ip}" ) {
+ return 403;
+ }
+ '';
+ serverAliases = [ "graphs.retiolum" "graphs.wry" "graphs.retiolum" "graphs.wry.retiolum" ];
};
anonymous = {
- listen = [ "${external-ip}:80" ] ;
- server-names = [ "graphs.krebsco.de" ];
+ enableSSL = true;
+ forceSSL = true;
+ enableACME = true;
};
};
};