Compare commits
No commits in common. "2b52c9997ad75670c2efe8ba162bb9639a6f3f66" and "7c5ed7b65a73f5b0ab98fe06d53e73f128a65e7c" have entirely different histories.
2b52c9997a
...
7c5ed7b65a
8 changed files with 42 additions and 68 deletions
33
machines/web01/castopod-head-proxy.nix
Normal file
33
machines/web01/castopod-head-proxy.nix
Normal file
|
@ -0,0 +1,33 @@
|
||||||
|
{ config, lib, ... }:
|
||||||
|
let
|
||||||
|
cfg = config.services.castopod;
|
||||||
|
fpm = config.services.phpfpm.pools.castopod;
|
||||||
|
in
|
||||||
|
{
|
||||||
|
services.nginx = {
|
||||||
|
resolver.addresses = [ "127.0.0.53" ];
|
||||||
|
virtualHosts."${cfg.localDomain}" = {
|
||||||
|
|
||||||
|
locations."@force_get" = {
|
||||||
|
extraConfig = lib.mkForce ''
|
||||||
|
recursive_error_pages on;
|
||||||
|
proxy_method GET;
|
||||||
|
proxy_pass https://podcasts.dgnum.eu/$request_uri;
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
locations."~ .php$" = {
|
||||||
|
extraConfig = lib.mkForce ''
|
||||||
|
error_page 550 = @force_get;
|
||||||
|
if ($request_method = HEAD) { return 550; }
|
||||||
|
fastcgi_intercept_errors on;
|
||||||
|
fastcgi_index index.php;
|
||||||
|
fastcgi_pass unix:${fpm.socket};
|
||||||
|
try_files $uri =404;
|
||||||
|
fastcgi_read_timeout 3600;
|
||||||
|
fastcgi_send_timeout 3600;
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -8,7 +8,7 @@ in
|
||||||
enable = true;
|
enable = true;
|
||||||
localDomain = host;
|
localDomain = host;
|
||||||
environmentFile = config.age.secrets.castopod-environment_file.path;
|
environmentFile = config.age.secrets.castopod-environment_file.path;
|
||||||
maxUploadSize = "512M";
|
maxUploadSize = 512;
|
||||||
settings = {
|
settings = {
|
||||||
"email.fromEmail" = "noreply@infra.dgnum.eu";
|
"email.fromEmail" = "noreply@infra.dgnum.eu";
|
||||||
"email.SMTPHost" = "kurisu.lahfa.xyz";
|
"email.SMTPHost" = "kurisu.lahfa.xyz";
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
{ config, ... }:
|
_:
|
||||||
|
|
||||||
{
|
{
|
||||||
imports = [ ./packages ];
|
imports = [ ./packages ];
|
||||||
|
@ -8,29 +8,9 @@
|
||||||
|
|
||||||
api.host = "api.meet.dgnum.eu";
|
api.host = "api.meet.dgnum.eu";
|
||||||
frontend.host = "meet.dgnum.eu";
|
frontend.host = "meet.dgnum.eu";
|
||||||
|
|
||||||
|
configureNginx = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
dgn-backups.postgresDatabases = [ "crabfit" ];
|
dgn-backups.postgresDatabases = [ "crabfit" ];
|
||||||
|
|
||||||
services.nginx =
|
|
||||||
let
|
|
||||||
cfg = config.services.crabfit;
|
|
||||||
in
|
|
||||||
{
|
|
||||||
enable = true;
|
|
||||||
|
|
||||||
virtualHosts.${cfg.frontend.host} = {
|
|
||||||
enableACME = true;
|
|
||||||
forceSSL = true;
|
|
||||||
|
|
||||||
locations."/".proxyPass = "http://127.0.0.1:${builtins.toString cfg.frontend.port}";
|
|
||||||
};
|
|
||||||
|
|
||||||
virtualHosts.${cfg.api.host} = {
|
|
||||||
enableACME = true;
|
|
||||||
forceSSL = true;
|
|
||||||
|
|
||||||
locations."/".proxyPass = "http://127.0.0.1:${builtins.toString cfg.api.port}";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -34,21 +34,6 @@ TODO.
|
||||||
|
|
||||||
Machines can use different versions of NixOS, the supported and default ones are specified here.
|
Machines can use different versions of NixOS, the supported and default ones are specified here.
|
||||||
|
|
||||||
## How to add a new version
|
|
||||||
|
|
||||||
- Switch to a new branch `nixos-$VERSION`
|
|
||||||
- Run the following command
|
|
||||||
|
|
||||||
```bash
|
|
||||||
npins add channel nixos-$VERSION
|
|
||||||
```
|
|
||||||
|
|
||||||
- Edit `meta/nixpkgs.nix` and add `$VERSION` to the supported version.
|
|
||||||
- Read the release notes and check for changes.
|
|
||||||
- Update the nodes versions
|
|
||||||
- Create a PR so that the CI check that it builds
|
|
||||||
|
|
||||||
|
|
||||||
# Nodes
|
# Nodes
|
||||||
|
|
||||||
The nodes are declared statically, several options can be configured:
|
The nodes are declared statically, several options can be configured:
|
||||||
|
|
|
@ -6,6 +6,5 @@
|
||||||
supported = [
|
supported = [
|
||||||
"unstable"
|
"unstable"
|
||||||
"23.11"
|
"23.11"
|
||||||
"24.05"
|
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
|
@ -27,7 +27,7 @@
|
||||||
stateVersion = "23.05";
|
stateVersion = "23.05";
|
||||||
vm-cluster = "Hyperviseur NPS";
|
vm-cluster = "Hyperviseur NPS";
|
||||||
|
|
||||||
nixpkgs = "24.05";
|
nix-modules = [ "services/crabfit" ];
|
||||||
};
|
};
|
||||||
|
|
||||||
compute01 = {
|
compute01 = {
|
||||||
|
@ -35,7 +35,6 @@
|
||||||
|
|
||||||
stateVersion = "23.05";
|
stateVersion = "23.05";
|
||||||
nix-modules = [ "services/stirling-pdf" ];
|
nix-modules = [ "services/stirling-pdf" ];
|
||||||
nixpkgs = "24.05";
|
|
||||||
};
|
};
|
||||||
|
|
||||||
geo01 = {
|
geo01 = {
|
||||||
|
@ -43,7 +42,7 @@
|
||||||
deployment.tags = [ "geo" ];
|
deployment.tags = [ "geo" ];
|
||||||
|
|
||||||
stateVersion = "24.05";
|
stateVersion = "24.05";
|
||||||
nixpkgs = "24.05";
|
nixpkgs = "unstable";
|
||||||
};
|
};
|
||||||
|
|
||||||
geo02 = {
|
geo02 = {
|
||||||
|
@ -51,13 +50,12 @@
|
||||||
deployment.tags = [ "geo" ];
|
deployment.tags = [ "geo" ];
|
||||||
|
|
||||||
stateVersion = "24.05";
|
stateVersion = "24.05";
|
||||||
nixpkgs = "24.05";
|
nixpkgs = "unstable";
|
||||||
};
|
};
|
||||||
|
|
||||||
storage01 = {
|
storage01 = {
|
||||||
site = "pav01";
|
site = "pav01";
|
||||||
stateVersion = "23.11";
|
stateVersion = "23.11";
|
||||||
nixpkgs = "24.05";
|
|
||||||
|
|
||||||
nix-modules = [ "services/forgejo-nix-runners" ];
|
nix-modules = [ "services/forgejo-nix-runners" ];
|
||||||
};
|
};
|
||||||
|
@ -67,7 +65,7 @@
|
||||||
deployment.targetHost = "vault01.hyp01.infra.dgnum.eu";
|
deployment.targetHost = "vault01.hyp01.infra.dgnum.eu";
|
||||||
|
|
||||||
stateVersion = "23.11";
|
stateVersion = "23.11";
|
||||||
nixpkgs = "24.05";
|
nixpkgs = "unstable";
|
||||||
|
|
||||||
adminGroups = [ "fai" ];
|
adminGroups = [ "fai" ];
|
||||||
};
|
};
|
||||||
|
|
|
@ -154,12 +154,6 @@
|
||||||
"url": "https://releases.nixos.org/nixos/23.11/nixos-23.11.6981.27c13997bf45/nixexprs.tar.xz",
|
"url": "https://releases.nixos.org/nixos/23.11/nixos-23.11.6981.27c13997bf45/nixexprs.tar.xz",
|
||||||
"hash": "1s4wn0m6bdzxl4rcxzmyy2fdschrdj3nqy6zl85xynaxkb0n1gpj"
|
"hash": "1s4wn0m6bdzxl4rcxzmyy2fdschrdj3nqy6zl85xynaxkb0n1gpj"
|
||||||
},
|
},
|
||||||
"nixos-24.05": {
|
|
||||||
"type": "Channel",
|
|
||||||
"name": "nixos-24.05",
|
|
||||||
"url": "https://releases.nixos.org/nixos/24.05/nixos-24.05.1135.9b5328b7f761/nixexprs.tar.xz",
|
|
||||||
"hash": "0k8d0xvygkxzvs5ikcw8j0pnksvzdmxdl03i69mni3nxylszyxvl"
|
|
||||||
},
|
|
||||||
"nixos-generators": {
|
"nixos-generators": {
|
||||||
"type": "Git",
|
"type": "Git",
|
||||||
"repository": {
|
"repository": {
|
||||||
|
@ -232,4 +226,4 @@
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"version": 3
|
"version": 3
|
||||||
}
|
}
|
|
@ -6,21 +6,6 @@ let
|
||||||
in
|
in
|
||||||
|
|
||||||
{
|
{
|
||||||
"nixos-24.05" = [
|
|
||||||
# netbox qrcode plugin
|
|
||||||
{
|
|
||||||
_type = "commit";
|
|
||||||
sha = "ae4bf4c110378ebacb3989c9533726859cfebbfa";
|
|
||||||
hash = "sha256-SgHhW9HCkDQsxT3eG4P9q68c43e3sbDHRY9qs7oSt8o=";
|
|
||||||
}
|
|
||||||
|
|
||||||
netboxAgent
|
|
||||||
|
|
||||||
{
|
|
||||||
id = "275165";
|
|
||||||
hash = "sha256-9a26V3Pi8yLD3N9+mC1kvJoruxRTp/qOHapnt6VX7pw=";
|
|
||||||
}
|
|
||||||
];
|
|
||||||
"nixos-23.11" = [
|
"nixos-23.11" = [
|
||||||
# netbox module
|
# netbox module
|
||||||
{
|
{
|
||||||
|
|
Loading…
Reference in a new issue