From 8f98fde52310f21e5aceafb5fd1dfe1707227739 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 31 Jan 2017 16:57:42 +0100 Subject: l 2: add bepasty.nix --- lass/2configs/bepasty.nix | 40 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) create mode 100644 lass/2configs/bepasty.nix (limited to 'lass/2configs') diff --git a/lass/2configs/bepasty.nix b/lass/2configs/bepasty.nix new file mode 100644 index 000000000..a3c6d0f28 --- /dev/null +++ b/lass/2configs/bepasty.nix @@ -0,0 +1,40 @@ +{ config, pkgs, ... }: +with import ; + +# secrets used: +# wildcard.krebsco.de.crt +# wildcard.krebsco.de.key +# bepasty-secret.nix <- contains single string + +with import ; +let + secKey = import ; + ext-dom = "paste.lassul.us" ; +in { + + services.nginx.enable = mkDefault true; + krebs.bepasty = { + enable = true; + serveNginx= true; + + servers = { + "paste.r" = { + nginx = { + serverAliases = [ "paste.retiolum" "paste.${config.krebs.build.host.name}" ]; + }; + defaultPermissions = "admin,list,create,read,delete"; + secretKey = secKey; + }; + + "${ext-dom}" = { + nginx = { + enableSSL = true; + forceSSL = true; + enableACME = true; + }; + defaultPermissions = "read"; + secretKey = secKey; + }; + }; + }; +} -- cgit v1.2.3