ktiu/omniflake
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

more server stuff

Browse source
This commit is contained in:
Till 2025-04-27 18:29:51 +02:00
parent 0d08c32077
commit bc5f851d3f
5 changed files with 63 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

2
flake.nix
View file

@ -75,10 +75,12 @@
./system/hardware/arielle.nix ./system/hardware/arielle.nix
./system ./system
./system/web-server ./system/web-server
./system/web-server/radicale.nix
./system/web-server/outline.nix ./system/web-server/outline.nix
./system/web-server/jenkins.nix ./system/web-server/jenkins.nix
./system/web-server/mail.nix ./system/web-server/mail.nix
./system/web-server/ksh-map.nix ./system/web-server/ksh-map.nix
./system/web-server/fundkorb-button.nix
]; ];
}; };

13
system/web-server/fundkorb-button.nix Normal file
View file

@ -0,0 +1,13 @@
{ config, pkgs, ... }:
{
services.nginx.virtualHosts."fundkorb.ktiu.net" = {
addSSL = true;
enableACME = true;
root = "/var/www/fundkorb-button/html";
location."/" = {
basicAuth = "Fundkorb build trigger";
basicAuthFile = "/var/www/fundkorb-button/.htpasswd";
};
};
}

10
system/web-server/mail.nix
View file

@ -32,10 +32,13 @@ in {
enable = true; enable = true;
virtualHosts = { virtualHosts = {
"ktiu.net" = { "ktiu.net" = {
addSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
locations."/" = { locations."/" = {
return = "418 'Ich bin eine Teekanne.'"; return = "200 'This domain used for e-mail hosting only.'";
extraConfig = ''
add_header Content-Type text/plain;
'';
}; };
}; };
"${config.networking.fqdn}" = { "${config.networking.fqdn}" = {
@ -45,7 +48,8 @@ in {
root = "/var/lib/acme/.challenges"; root = "/var/lib/acme/.challenges";
}; };
locations."/" = { locations."/" = {
return = "301 http://${config.networking.domain}"; # return = "301 http://${config.networking.domain}";
return = "404";
}; };
}; };
}; };

9
system/web-server/outline.nix
View file

@ -2,18 +2,17 @@
{ {
# services.outline = { services.outline = {
# enable = true; enable = true;
# storage.storageType = "local"; storage.storageType = "local";
# smtp = { # smtp = {
# host = "localhost"; # host = "localhost";
# }; # };
# }; };
services.nginx.virtualHosts."outline.ktiu.net" = { services.nginx.virtualHosts."outline.ktiu.net" = {
addSSL = true; addSSL = true;
enableACME = true; enableACME = true;
# root = "/var/www/myhost.org";
locations."/" = { locations."/" = {
proxyPass = "http://127.0.0.1:3000"; proxyPass = "http://127.0.0.1:3000";
extraConfig = extraConfig =

34
system/web-server/radicale.nix Normal file
View file

@ -0,0 +1,34 @@
{ config, pkgs, ... }:
{
services.nginx.virtualHosts."kalender.ktiu.net" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://127.0.0.1:5232/";
extraConfig = ''
proxy_set_header X-Script-Name /;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass_header Authorization;
'';
};
};
services.radicale = {
enable = true;
settings = {
server = {
hosts = [ "0.0.0.0:5232" "[::]:5232" ];
};
auth = {
type = "htpasswd";
htpasswd_filename = "/etc/radicale/users";
htpasswd_encryption = "bcrypt";
};
storage = {
filesystem_folder = "/var/lib/radicale/collections";
};
};
};
}