diff options
| author | makefu <github@syntax-fehler.de> | 2016-12-24 23:41:33 +0100 |
|---|---|---|
| committer | makefu <github@syntax-fehler.de> | 2016-12-24 23:41:33 +0100 |
| commit | 5c727b655f3a1d1e049dd822f152fa82e9c9a8b1 (patch) | |
| tree | f9c387e4fcf21a1471304c2c564e8031b4460376 | |
| parent | dbd2999dc204d339dcc9cccee19af65a91a89d9e (diff) | |
m 1 wry: krebs.nginx -> services.nginx
| -rw-r--r-- | makefu/1systems/wry.nix | 21 |
1 files changed, 12 insertions, 9 deletions
diff --git a/makefu/1systems/wry.nix b/makefu/1systems/wry.nix index 17e81f793..81ee37bbe 100644 --- a/makefu/1systems/wry.nix +++ b/makefu/1systems/wry.nix @@ -13,7 +13,7 @@ in { ../2configs/fs/CAC-CentOS-7-64bit.nix ../2configs/save-diskspace.nix - ../2configs/bepasty-dual.nix + # ../2configs/bepasty-dual.nix ../2configs/iodined.nix ../2configs/backup.nix @@ -21,9 +21,7 @@ in { # other nginx ../2configs/nginx/euer.wiki.nix ../2configs/nginx/euer.blog.nix - ../2configs/nginx/euer.test.nix - - #../2configs/elchos/stats.nix + # ../2configs/nginx/euer.test.nix # collectd # ../2configs/collectd/collectd-base.nix @@ -52,7 +50,7 @@ in { krebs.bepasty.servers.external.nginx.listen = [ "${external-ip}:80" "${external-ip}:443 ssl" ]; # prepare graphs - krebs.nginx.enable = true; + services.nginx.enable = true; krebs.retiolum-bootstrap.enable = true; krebs.tinc_graphs = { @@ -61,12 +59,17 @@ in { enable = true; # TODO: remove hard-coded hostname complete = { - listen = [ "${internal-ip}:80" ]; - server-names = [ "graphs.wry" "graphs.retiolum" "graphs.wry.retiolum" ]; + extraConfig = '' + if ( $server_addr = "${external-ip}" ) { + return 403; + } + ''; + serverAliases = [ "graphs.retiolum" "graphs.wry" "graphs.retiolum" "graphs.wry.retiolum" ]; }; anonymous = { - listen = [ "${external-ip}:80" ] ; - server-names = [ "graphs.krebsco.de" ]; + enableSSL = true; + forceSSL = true; + enableACME = true; }; }; }; |