summaryrefslogtreecommitdiffstats
path: root/makefu/2configs/bgt/etherpad.euer.krebsco.de.nix
diff options
context:
space:
mode:
authorlassulus <lassulus@lassul.us>2021-03-17 15:42:13 +0100
committerlassulus <lassulus@lassul.us>2021-03-17 15:42:13 +0100
commit3d1472a7cac3ab2c5f9efd06a501368308681999 (patch)
tree950fbe49dfd060923756dd517c41f27f646857de /makefu/2configs/bgt/etherpad.euer.krebsco.de.nix
parentf659c1879f6e0a0e9228205edd794aaab467aa0b (diff)
parent2044ad632b68ce173463287a9f437aae699bda83 (diff)
Merge remote-tracking branch 'gum/master'
Diffstat (limited to 'makefu/2configs/bgt/etherpad.euer.krebsco.de.nix')
-rw-r--r--makefu/2configs/bgt/etherpad.euer.krebsco.de.nix60
1 files changed, 60 insertions, 0 deletions
diff --git a/makefu/2configs/bgt/etherpad.euer.krebsco.de.nix b/makefu/2configs/bgt/etherpad.euer.krebsco.de.nix
new file mode 100644
index 000000000..48b947c58
--- /dev/null
+++ b/makefu/2configs/bgt/etherpad.euer.krebsco.de.nix
@@ -0,0 +1,60 @@
+{ lib, ... }:
+let
+ port = 19201;
+in {
+ #services.nginx.virtualHosts."euer.krebsco.de".serverAliases = [ "etherpad.euer.krebsco.de" ];
+ services.nginx.virtualHosts."etherpad.euer.krebsco.de" = {
+ # useACMEHost = "euer.krebsco.de";
+ extraConfig = ''
+ ssl_session_timeout 30m;
+ '';
+ enableACME = true;
+ forceSSL = true;
+ locations."/".proxyPass = "http://localhost:${toString port}";
+ # from https://github.com/ether/etherpad-lite/wiki/How-to-put-Etherpad-Lite-behind-a-reverse-Proxy
+ locations."/".extraConfig = ''
+
+ proxy_buffering off; # be careful, this line doesn't override any proxy_buffering on set in a conf.d/file.conf
+ proxy_set_header Host $host;
+ proxy_pass_header Server;
+
+ # Note you might want to pass these headers etc too.
+ proxy_set_header X-Real-IP $remote_addr; # https://nginx.org/en/docs/http/ngx_http_proxy_module.html
+ proxy_set_header X-Forwarded-For $remote_addr; # EP logs to show the actual remote IP
+ proxy_set_header X-Forwarded-Proto $scheme; # for EP to set secure cookie flag when https is used
+ proxy_http_version 1.1; # recommended with keepalive connections
+
+ # WebSocket proxying - from https://nginx.org/en/docs/http/websocket.html
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection "upgrade";
+ proxy_read_timeout 1799s;
+ '';
+ };
+ docker-containers."etherpad-lite" = {
+ image = "makefoo/bgt-etherpad:2020-05-02.6";
+ ports = [ "127.0.0.1:${toString port}:9001" ];
+ volumes = [
+ "/var/src/secrets/etherpad/apikey:/opt/etherpad-lite/APIKEY.txt"
+ "etherpad_data:/opt/etherpad-lite/var" # persistent dirtydb
+ ];
+ # for postgres
+ #DB_TYPE=postgres
+ #DB_HOST=db.local
+ #DB_PORT=4321
+ #DB_NAME=etherpad
+ #DB_USER=dbusername
+ #DB_PASS=mypassword
+ environment = {
+ # ADMIN_PASSWORD = "auf jeden fall nicht das echte admin passwort";
+ SUPPRESS_ERRORS_IN_PAD_TEXT = "true";
+ TITLE = "Binärgewitter Etherpad";
+ SKIN_NAME = "no-skin";
+ DEFAULT_PAD_TEXT = builtins.replaceStrings ["\n"] ["\\n"] (builtins.readFile ./template.md);
+ PAD_OPTIONS_USE_MONOSPACE_FONT = "true";
+ PAD_OPTIONS_USER_NAME = "true";
+ PAD_OPTIONS_USER_COLOR = "true";
+ PAD_OPTIONS_CHAT_AND_USERS = "true";
+ PAD_OPTIONS_LANG = "en-US";
+ };
+ };
+}