forked from DGNum/infrastructure
33 lines
597 B
Nix
33 lines
597 B
Nix
|
{ sources, config, ... }:
|
||
|
let
|
||
|
host = "kahulm.normalesup.eu";
|
||
|
port = 3009;
|
||
|
in
|
||
|
{
|
||
|
imports = [ (sources.kahulm + "/module.nix") ];
|
||
|
|
||
|
services.kahulm = {
|
||
|
inherit port;
|
||
|
enable = true;
|
||
|
baseUrl = "https://${host}";
|
||
|
sessionSecretFile = config.age.secrets.kahulm-session_secret.path;
|
||
|
};
|
||
|
|
||
|
services.nginx = {
|
||
|
enable = true;
|
||
|
|
||
|
virtualHosts.${host} = {
|
||
|
enableACME = true;
|
||
|
forceSSL = true;
|
||
|
locations."/" = {
|
||
|
proxyPass = "http://127.0.0.1:${builtins.toString port}";
|
||
|
};
|
||
|
};
|
||
|
};
|
||
|
|
||
|
networking.firewall.allowedTCPPorts = [
|
||
|
80
|
||
|
443
|
||
|
];
|
||
|
}
|