summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--makefu/1systems/gum/config.nix1
-rw-r--r--makefu/2configs/nginx/euer.mon.nix26
-rw-r--r--makefu/source.nix51
3 files changed, 64 insertions, 14 deletions
diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix
index 578e4add8..9b6d9d571 100644
--- a/makefu/1systems/gum/config.nix
+++ b/makefu/1systems/gum/config.nix
@@ -62,6 +62,7 @@ in {
## Web
<stockholm/makefu/2configs/nginx/share-download.nix>
<stockholm/makefu/2configs/nginx/euer.test.nix>
+ <stockholm/makefu/2configs/nginx/euer.mon.nix>
<stockholm/makefu/2configs/nginx/euer.wiki.nix>
<stockholm/makefu/2configs/nginx/euer.blog.nix>
# <stockholm/makefu/2configs/nginx/gum.krebsco.de.nix>
diff --git a/makefu/2configs/nginx/euer.mon.nix b/makefu/2configs/nginx/euer.mon.nix
new file mode 100644
index 000000000..c5a7e68af
--- /dev/null
+++ b/makefu/2configs/nginx/euer.mon.nix
@@ -0,0 +1,26 @@
+{ config, lib, pkgs, ... }:
+
+with import <stockholm/lib>;
+let
+ hostname = config.krebs.build.host.name;
+ user = config.services.nginx.user;
+ group = config.services.nginx.group;
+ external-ip = config.krebs.build.host.nets.internet.ip4.addr;
+ internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr;
+in {
+ services.nginx = {
+ enable = mkDefault true;
+ virtualHosts."mon.euer.krebsco.de" = {
+ forceSSL = true;
+ enableACME = true;
+ locations."/" = {
+ proxyPass = "http://wbob.r:3000/";
+ extraConfig = ''
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ '';
+ };
+ };
+ };
+}
diff --git a/makefu/source.nix b/makefu/source.nix
index bcdb66a66..40aeac8b6 100644
--- a/makefu/source.nix
+++ b/makefu/source.nix
@@ -1,14 +1,16 @@
with import <stockholm/lib>;
host@{ name,
override ? {}
-, secure ? false
-, full ? false
-, torrent ? false
-, hw ? false
-, musnix ? false
-, python ? false
-, unstable ? false #unstable channel checked out
-, mic92 ? false
+, secure ? false
+, full ? false
+, torrent ? false
+, hw ? false
+, musnix ? false
+, python ? false
+, unstable ? false #unstable channel checked out
+, mic92 ? false
+, nms ? false
+, clever_kexec ?false
}:
let
builder = if getEnv "dummy_secrets" == "true"
@@ -42,11 +44,15 @@ in
file = "/home/makefu/store/${ref}";
};
- secrets.file = getAttr builder {
- buildbot = toString <stockholm/makefu/6tests/data/secrets>;
- makefu = "/home/makefu/secrets/${name}";
+ secrets = getAttr builder {
+ buildbot.file = toString <stockholm/makefu/6tests/data/secrets>;
+ makefu.pass = {
+ inherit name;
+ dir = "${getEnv "HOME"}/.secrets-pass";
+ };
};
+
stockholm.file = toString <stockholm>;
stockholm-version.pipe = "${pkgs.stockholm}/bin/get-version";
}
@@ -72,9 +78,12 @@ in
})
(mkIf ( torrent ) {
- torrent-secrets.file = getAttr builder {
- buildbot = toString <stockholm/makefu/6tests/data/secrets>;
- makefu = "/home/makefu/secrets/torrent" ;
+ torrent-secrets = getAttr builder {
+ buildbot.file = toString <stockholm/makefu/6tests/data/secrets>;
+ makefu.pass = {
+ name = "torrent";
+ dir = "${getEnv "HOME"}/.secrets-pass";
+ };
};
})
@@ -92,5 +101,19 @@ in
};
})
+ (mkIf ( nms ) {
+ nms.git = {
+ url = https://github.com/r-raymond/nixos-mailserver;
+ ref = "v2.1.2";
+ };
+ })
+
+ (mkIf ( clever_kexec ) {
+ clever_kexec.git = {
+ url = https://github.com/cleverca22/nix-tests;
+ ref = "5a670de7f2decfaafc95c34ffeb0f1896662f3d7";
+ };
+ })
+
override
]