forked from Drift/pvv-nixos-config
Compare commits
5 Commits
setup-home
...
main
Author | SHA1 | Date |
---|---|---|
Jon Martinus Rodtang | 0c816068fe | |
Daniel Lovbrotte Olsen | d8031ecca1 | |
Daniel Lovbrotte Olsen | 1ef033c754 | |
Felix Albrigtsen | d900dc1b1b | |
Oystein Kristoffer Tveit | d5985e02f3 |
|
@ -5,13 +5,12 @@
|
|||
|
||||
../../base.nix
|
||||
../../misc/metrics-exporters.nix
|
||||
../../modules/home-areas.nix
|
||||
|
||||
#./services/keycloak.nix
|
||||
|
||||
# TODO: set up authentication for the following:
|
||||
# ./services/website.nix
|
||||
./services/nginx.nix
|
||||
./services/nginx
|
||||
./services/gitea/default.nix
|
||||
./services/webmail
|
||||
# ./services/mediawiki.nix
|
||||
|
|
|
@ -1,5 +1,9 @@
|
|||
{ pkgs, config, ... }:
|
||||
{
|
||||
imports = [
|
||||
./ingress.nix
|
||||
];
|
||||
|
||||
security.acme = {
|
||||
acceptTerms = true;
|
||||
defaults.email = "drift@pvv.ntnu.no";
|
|
@ -0,0 +1,55 @@
|
|||
{ config, lib, ... }:
|
||||
{
|
||||
services.nginx.virtualHosts = {
|
||||
"www2.pvv.ntnu.no" = {
|
||||
serverAliases = [ "www2.pvv.org" "pvv.ntnu.no" "pvv.org" ];
|
||||
addSSL = true;
|
||||
enableACME = true;
|
||||
|
||||
locations = {
|
||||
# Proxy home directories
|
||||
"/~" = {
|
||||
extraConfig = ''
|
||||
proxy_redirect off;
|
||||
proxy_pass https://tom.pvv.ntnu.no;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
'';
|
||||
};
|
||||
|
||||
# Redirect old wiki entries
|
||||
"/disk".return = "301 https://www.pvv.ntnu.no/pvv/Diskkjøp";
|
||||
"/dok/boker.php".return = "301 https://www.pvv.ntnu.no/pvv/Bokhyllen";
|
||||
"/styret/lover/".return = "301 https://www.pvv.ntnu.no/pvv/Lover";
|
||||
"/styret/".return = "301 https://www.pvv.ntnu.no/pvv/Styret";
|
||||
"/info/".return = "301 https://www.pvv.ntnu.no/pvv/";
|
||||
"/info/maskinpark/".return = "301 https://www.pvv.ntnu.no/pvv/Maskiner";
|
||||
"/medlemssider/meldinn.php".return = "301 https://www.pvv.ntnu.no/pvv/Medlemskontingent";
|
||||
"/diverse/medlems-sider.php".return = "301 https://www.pvv.ntnu.no/pvv/Medlemssider";
|
||||
"/cert/".return = "301 https://www.pvv.ntnu.no/pvv/CERT";
|
||||
"/drift".return = "301 https://www.pvv.ntnu.no/pvv/Drift";
|
||||
"/diverse/abuse.php".return = "301 https://www.pvv.ntnu.no/pvv/CERT/Abuse";
|
||||
"/nerds/".return = "301 https://www.pvv.ntnu.no/pvv/Nerdepizza";
|
||||
|
||||
# TODO: Redirect webmail
|
||||
"/webmail".return = "301 https://webmail.pvv.ntnu.no/squirrelmail";
|
||||
|
||||
# Redirect everything else to the main website
|
||||
"/".return = "301 https://www.pvv.ntnu.no$request_uri";
|
||||
|
||||
# Proxy the matrix well-known files
|
||||
# Host has be set before proxy_pass
|
||||
# The header must be set so nginx on the other side routes it to the right place
|
||||
"/.well-known/matrix/" = {
|
||||
extraConfig = ''
|
||||
proxy_set_header Host matrix.pvv.ntnu.no;
|
||||
proxy_pass https://matrix.pvv.ntnu.no/.well-known/matrix/;
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
@ -5,7 +5,6 @@
|
|||
|
||||
../../base.nix
|
||||
../../misc/metrics-exporters.nix
|
||||
../../modules/home-areas.nix
|
||||
./services/nginx
|
||||
|
||||
./acmeCert.nix
|
||||
|
|
|
@ -5,7 +5,6 @@
|
|||
./hardware-configuration.nix
|
||||
../../base.nix
|
||||
../../misc/metrics-exporters.nix
|
||||
../../modules/home-areas.nix
|
||||
|
||||
./services/openvpn-client.nix
|
||||
];
|
||||
|
|
|
@ -5,7 +5,6 @@
|
|||
./hardware-configuration.nix
|
||||
../../base.nix
|
||||
../../misc/metrics-exporters.nix
|
||||
../../modules/home-areas.nix
|
||||
|
||||
./services/nginx
|
||||
./services/metrics
|
||||
|
|
|
@ -5,7 +5,6 @@
|
|||
./hardware-configuration.nix
|
||||
../../base.nix
|
||||
../../misc/metrics-exporters.nix
|
||||
../../modules/home-areas.nix
|
||||
];
|
||||
|
||||
sops.defaultSopsFile = ../../secrets/shark/shark.yaml;
|
||||
|
|
|
@ -1,27 +0,0 @@
|
|||
{ pkgs, lib, ... }:
|
||||
{
|
||||
fileSystems = let
|
||||
shorthandAreas = {
|
||||
# See toriel:/etc/exports
|
||||
"/home/pvv/t/pederbs" = "homepvvt.pvv.ntnu.no:/export/home/pvv/t/pederbs";
|
||||
"/home/pvv/t/yorinad" = "homepvvt.pvv.ntnu.no:/export/home/pvv/t/yorinad";
|
||||
}
|
||||
//
|
||||
# See microbel:/etc/exports
|
||||
(lib.listToAttrs (map
|
||||
(l: lib.nameValuePair "/home/pvv/${l}" "homepvv${l}.pvv.ntnu.no:/export/home/pvv/${l}")
|
||||
[ "a" "b" "c" "d" "h" "i" "j" "k" "l" "m" "z" ]));
|
||||
in { }
|
||||
//
|
||||
(lib.mapAttrs (_: device: {
|
||||
inherit device;
|
||||
fsType = "nfs";
|
||||
options = [
|
||||
"nfsvers=3"
|
||||
"noauto"
|
||||
"proto=tcp"
|
||||
"x-systemd.automount"
|
||||
"x-systemd.idle-timeout=300"
|
||||
];
|
||||
}) shorthandAreas);
|
||||
}
|
|
@ -3,7 +3,7 @@
|
|||
{
|
||||
users.users.jonmro = {
|
||||
isNormalUser = true;
|
||||
extraGroups = [ "wheel" ];
|
||||
extraGroups = [ "wheel" "drift" "nix-builder-users" ];
|
||||
shell = pkgs.zsh;
|
||||
openssh.authorizedKeys.keys = [
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEm5PfYmfl/0fnAP/3coVlvTw3/TYNLT6r/NwJHZbLAK jonrodtang@gmail.com"
|
||||
|
|
Loading…
Reference in New Issue