nixos-config/configs/workhorse/bepasty.nix

59 lines
1.5 KiB
Nix
Raw Normal View History

2019-10-24 02:20:38 +02:00
{ config, pkgs, lib, ... }:
with lib;
2019-12-20 05:54:26 +01:00
let port = 8000;
2019-10-24 02:20:38 +02:00
in {
# configure nginx
services.nginx = {
enable = true;
virtualHosts = {
"paste.workhorse.private" = {
locations."/" = {
proxyPass = "http://localhost:${toString port}";
extraConfig = ''
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 90;
2019-12-20 05:54:26 +01:00
proxy_redirect http://localhost:${
toString port
} https://paste.workhorse.private/;
2019-10-24 02:20:38 +02:00
'';
};
};
};
};
krops.userKeys."bepasty" = {
user = "bepasty";
source = toString <secrets/bepasty-secret-key>;
requiredBy = [ "bepasty-server-ingolf-wagner.de-gunicorn.service" ];
};
services.bepasty = {
enable = true;
servers."ingolf-wagner.de" = {
bind = "0.0.0.0:${toString port}";
secretKeyFile = config.krops.userKeys."bepasty".target;
extraConfig = ''
PERMISSIONS = {
2019-12-20 05:54:26 +01:00
'${
lib.fileContents <common_secrets/bepasty/admin-password>
}': 'admin,list,create,read,delete',
2019-10-24 02:20:38 +02:00
}
'';
};
};
2019-12-20 05:54:26 +01:00
# fix bepasty service
2019-10-24 02:20:38 +02:00
nixpkgs.overlays = let
2019-12-20 05:54:26 +01:00
overlay = self: super: {
bepasty =
super.bepasty.override { python3Packages = pkgs.python27Packages; };
2019-10-24 02:20:38 +02:00
};
2019-12-20 05:54:26 +01:00
in [ overlay ];
2019-10-24 02:20:38 +02:00
}