forked from DGNum/infrastructure
32 lines
597 B
Nix
32 lines
597 B
Nix
{ sources, config, ... }:
|
|
let
|
|
host = "kahulm.normalesup.eu";
|
|
port = 3009;
|
|
in
|
|
{
|
|
imports = [ (sources.kahulm + "/module.nix") ];
|
|
|
|
services.kahulm = {
|
|
inherit port;
|
|
enable = true;
|
|
baseUrl = "https://${host}";
|
|
sessionSecretFile = config.age.secrets.kahulm-session_secret.path;
|
|
};
|
|
|
|
services.nginx = {
|
|
enable = true;
|
|
|
|
virtualHosts.${host} = {
|
|
enableACME = true;
|
|
forceSSL = true;
|
|
locations."/" = {
|
|
proxyPass = "http://127.0.0.1:${builtins.toString port}";
|
|
};
|
|
};
|
|
};
|
|
|
|
networking.firewall.allowedTCPPorts = [
|
|
80
|
|
443
|
|
];
|
|
}
|