summaryrefslogtreecommitdiffstats
path: root/lass
diff options
context:
space:
mode:
authormakefu <github@syntax-fehler.de>2023-04-02 18:42:50 +0200
committermakefu <github@syntax-fehler.de>2023-04-02 18:42:50 +0200
commit7239ec83c5531fa100d1863fec9d82033d13ad34 (patch)
tree1cfde19ffaf06d44a5fd30d7fc0ca2eaad2d4ad2 /lass
parentd335011fce054bebc0e429ea10bccabaf898d2b2 (diff)
parentc4bf35d8e13d1258fcbacd118a0fc75197b9fe7e (diff)
Merge remote-tracking branch 'lassul.us/master'
Diffstat (limited to 'lass')
-rw-r--r--lass/1systems/coaxmetal/config.nix2
-rw-r--r--lass/1systems/orange/config.nix3
-rw-r--r--lass/2configs/git.nix2
-rw-r--r--lass/2configs/services/coms/proxy.nix1
-rw-r--r--lass/2configs/services/git/default.nix11
-rw-r--r--lass/2configs/services/git/proxy.nix13
6 files changed, 29 insertions, 3 deletions
diff --git a/lass/1systems/coaxmetal/config.nix b/lass/1systems/coaxmetal/config.nix
index 1df56f591..7fd76974b 100644
--- a/lass/1systems/coaxmetal/config.nix
+++ b/lass/1systems/coaxmetal/config.nix
@@ -20,8 +20,6 @@
<stockholm/lass/2configs/pass.nix>
<stockholm/lass/2configs/mail.nix>
<stockholm/lass/2configs/bitcoin.nix>
-
- <stockholm/lass/2configs/xonsh.nix>
<stockholm/lass/2configs/review.nix>
<stockholm/lass/2configs/dunst.nix>
# <stockholm/krebs/2configs/ircd.nix>
diff --git a/lass/1systems/orange/config.nix b/lass/1systems/orange/config.nix
index 5e975dba8..47867c31f 100644
--- a/lass/1systems/orange/config.nix
+++ b/lass/1systems/orange/config.nix
@@ -6,10 +6,13 @@ with import <stockholm/lib>;
<stockholm/lass/2configs>
<stockholm/lass/2configs/retiolum.nix>
<stockholm/lass/2configs/mumble-reminder.nix>
+ <stockholm/lass/2configs/services/git>
];
krebs.build.host = config.krebs.hosts.orange;
+ services.nginx.enable = true;
+ networking.firewall.allowedTCPPorts = [ 80 443 ];
security.acme = {
acceptTerms = true;
defaults.email = "acme@lassul.us";
diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix
index 891aefcfd..16260b77b 100644
--- a/lass/2configs/git.nix
+++ b/lass/2configs/git.nix
@@ -145,7 +145,7 @@ let
channel = "#xxx";
# TODO define refs in some kind of option per repo
server = "irc.r";
- verbose = config.krebs.build.host.name == "prism";
+ verbose = config.krebs.build.host.name == "orange";
}}
${cgit-clear-cache}/bin/cgit-clear-cache
'';
diff --git a/lass/2configs/services/coms/proxy.nix b/lass/2configs/services/coms/proxy.nix
index 57e132151..e8555f9b7 100644
--- a/lass/2configs/services/coms/proxy.nix
+++ b/lass/2configs/services/coms/proxy.nix
@@ -16,6 +16,7 @@ in
services.nginx.streamConfig = ''
${lib.concatMapStringsSep "\n" (port: ''
server {
+ listen [::]:${toString port};
listen ${toString port};
proxy_pass ${target}:${toString port};
}
diff --git a/lass/2configs/services/git/default.nix b/lass/2configs/services/git/default.nix
new file mode 100644
index 000000000..096f73c03
--- /dev/null
+++ b/lass/2configs/services/git/default.nix
@@ -0,0 +1,11 @@
+{ config, lib, pkgs, ... }:
+{
+ imports = [
+ ../../git.nix
+ ];
+ services.nginx.virtualHosts."cgit.lassul.us" = {
+ enableACME = true;
+ addSSL = true;
+ locations = config.services.nginx.virtualHosts.cgit.locations;
+ };
+}
diff --git a/lass/2configs/services/git/proxy.nix b/lass/2configs/services/git/proxy.nix
new file mode 100644
index 000000000..cb05c3f6c
--- /dev/null
+++ b/lass/2configs/services/git/proxy.nix
@@ -0,0 +1,13 @@
+{ config, pkgs, ... }:
+{
+ services.nginx.virtualHosts."cgit.lassul.us" = {
+ forceSSL = true;
+ enableACME = true;
+ acmeFallbackHost = "orange.r";
+ locations."/" = {
+ proxyPass = "http://orange.r";
+ proxyWebsockets = true;
+ recommendedProxySettings = true;
+ };
+ };
+}