diff options
author | Ben Sima <ben@bsima.me> | 2020-04-05 15:53:37 -0700 |
---|---|---|
committer | Ben Sima <ben@bsima.me> | 2020-04-05 15:53:37 -0700 |
commit | e5dbfd32b52e35aecf961b8b80a5f70e76c3cb83 (patch) | |
tree | d450a29f3679e815a0c47b7f37d5969f2f80247b /Run | |
parent | f0e5894c625a726b5364365298f144e862b23676 (diff) |
Deploy que.run without nginx
I still have to reimplement the SSL stuff but in the Haskell code. That
seems kinda hard or at least requires research that I don't wanna do
right now.
Diffstat (limited to 'Run')
-rw-r--r-- | Run/Que/Prod.nix | 39 | ||||
-rw-r--r-- | Run/Que/Server.nix (renamed from Run/Que/service.nix) | 28 |
2 files changed, 39 insertions, 28 deletions
diff --git a/Run/Que/Prod.nix b/Run/Que/Prod.nix new file mode 100644 index 0000000..63e4be3 --- /dev/null +++ b/Run/Que/Prod.nix @@ -0,0 +1,39 @@ +{ config, pkgs, lib, ... }: +{ + imports = [ <nixpkgs/nixos/modules/profiles/qemu-guest.nix> ]; + boot.loader.grub.device = "/dev/vda"; + fileSystems."/" = { device = "/dev/vda1"; fsType = "ext4"; }; + networking.firewall.allowedTCPPorts = [ 22 80 443 ]; + services.que-server = { + enable = true; + port = 80; + package = pkgs.que-server; + }; + networking = { + nameservers = [ + "67.207.67.2" + "67.207.67.3" + ]; + defaultGateway = "157.245.224.1"; + defaultGateway6 = "2604:a880:2:d1::1"; + dhcpcd.enable = false; + usePredictableInterfaceNames = lib.mkForce true; + interfaces = { + eth0 = { + ipv4.addresses = [ + { address="157.245.236.44"; prefixLength=20; } + { address="10.46.0.5"; prefixLength=16; } + ]; + ipv6.addresses = [ + { address="2604:a880:2:d1::a2:5001"; prefixLength=64; } + { address="fe80::7892:a5ff:fec6:dbc3"; prefixLength=64; } + ]; + ipv4.routes = [ { address = "157.245.224.1"; prefixLength = 32; } ]; + ipv6.routes = [ { address = "2604:a880:2:d1::1"; prefixLength = 32; } ]; + }; + }; + }; + services.udev.extraRules = '' + ATTR{address}=="7a:92:a5:c6:db:c3", NAME="eth0" + ''; +} diff --git a/Run/Que/service.nix b/Run/Que/Server.nix index aa68657..272ea6e 100644 --- a/Run/Que/service.nix +++ b/Run/Que/Server.nix @@ -11,14 +11,6 @@ in { options.services.que-server = { enable = lib.mkEnableOption "Enable the que-server service"; - domain = lib.mkOption { - type = lib.types.str; - default = "que.run"; - description = '' - Domain on which to host que-server. This is passed to - services.nginx.virtualHosts.<name> directly. - ''; - }; port = lib.mkOption { type = lib.types.int; default = 3000; @@ -49,25 +41,5 @@ in RestartSec = "1"; }; }; - services.nginx = { - recommendedGzipSettings = true; - recommendedOptimisation = true; - recommendedProxySettings = true; - recommendedTlsSettings = true; - virtualHosts = { - "${cfg.domain}" = { - forceSSL = true; - enableACME = true; - locations."/" = { - proxyPass = "http://localhost:${toString cfg.port}"; - extraConfig = '' - proxy_set_header X-Real-IP $realip_remote_addr; - proxy_set_header X-Forwarded-Host $remote_addr; - proxy_pass_request_headers on; - ''; - }; - }; - }; - }; }; } |