summaryrefslogtreecommitdiff
path: root/Run
diff options
context:
space:
mode:
authorBen Sima <ben@bsima.me>2020-04-05 15:53:37 -0700
committerBen Sima <ben@bsima.me>2020-04-05 15:53:37 -0700
commite5dbfd32b52e35aecf961b8b80a5f70e76c3cb83 (patch)
treed450a29f3679e815a0c47b7f37d5969f2f80247b /Run
parentf0e5894c625a726b5364365298f144e862b23676 (diff)
Deploy que.run without nginx
I still have to reimplement the SSL stuff but in the Haskell code. That seems kinda hard or at least requires research that I don't wanna do right now.
Diffstat (limited to 'Run')
-rw-r--r--Run/Que/Prod.nix39
-rw-r--r--Run/Que/Server.nix (renamed from Run/Que/service.nix)28
2 files changed, 39 insertions, 28 deletions
diff --git a/Run/Que/Prod.nix b/Run/Que/Prod.nix
new file mode 100644
index 0000000..63e4be3
--- /dev/null
+++ b/Run/Que/Prod.nix
@@ -0,0 +1,39 @@
+{ config, pkgs, lib, ... }:
+{
+ imports = [ <nixpkgs/nixos/modules/profiles/qemu-guest.nix> ];
+ boot.loader.grub.device = "/dev/vda";
+ fileSystems."/" = { device = "/dev/vda1"; fsType = "ext4"; };
+ networking.firewall.allowedTCPPorts = [ 22 80 443 ];
+ services.que-server = {
+ enable = true;
+ port = 80;
+ package = pkgs.que-server;
+ };
+ networking = {
+ nameservers = [
+ "67.207.67.2"
+ "67.207.67.3"
+ ];
+ defaultGateway = "157.245.224.1";
+ defaultGateway6 = "2604:a880:2:d1::1";
+ dhcpcd.enable = false;
+ usePredictableInterfaceNames = lib.mkForce true;
+ interfaces = {
+ eth0 = {
+ ipv4.addresses = [
+ { address="157.245.236.44"; prefixLength=20; }
+ { address="10.46.0.5"; prefixLength=16; }
+ ];
+ ipv6.addresses = [
+ { address="2604:a880:2:d1::a2:5001"; prefixLength=64; }
+ { address="fe80::7892:a5ff:fec6:dbc3"; prefixLength=64; }
+ ];
+ ipv4.routes = [ { address = "157.245.224.1"; prefixLength = 32; } ];
+ ipv6.routes = [ { address = "2604:a880:2:d1::1"; prefixLength = 32; } ];
+ };
+ };
+ };
+ services.udev.extraRules = ''
+ ATTR{address}=="7a:92:a5:c6:db:c3", NAME="eth0"
+ '';
+}
diff --git a/Run/Que/service.nix b/Run/Que/Server.nix
index aa68657..272ea6e 100644
--- a/Run/Que/service.nix
+++ b/Run/Que/Server.nix
@@ -11,14 +11,6 @@ in
{
options.services.que-server = {
enable = lib.mkEnableOption "Enable the que-server service";
- domain = lib.mkOption {
- type = lib.types.str;
- default = "que.run";
- description = ''
- Domain on which to host que-server. This is passed to
- services.nginx.virtualHosts.<name> directly.
- '';
- };
port = lib.mkOption {
type = lib.types.int;
default = 3000;
@@ -49,25 +41,5 @@ in
RestartSec = "1";
};
};
- services.nginx = {
- recommendedGzipSettings = true;
- recommendedOptimisation = true;
- recommendedProxySettings = true;
- recommendedTlsSettings = true;
- virtualHosts = {
- "${cfg.domain}" = {
- forceSSL = true;
- enableACME = true;
- locations."/" = {
- proxyPass = "http://localhost:${toString cfg.port}";
- extraConfig = ''
- proxy_set_header X-Real-IP $realip_remote_addr;
- proxy_set_header X-Forwarded-Host $remote_addr;
- proxy_pass_request_headers on;
- '';
- };
- };
- };
- };
};
}