mirror of
https://github.com/RGBCube/ncc
synced 2025-07-29 11:07:44 +00:00
feat: add nix-serve to best
This commit is contained in:
parent
20ce1c9ff5
commit
5c9b98bdfc
5 changed files with 47 additions and 5 deletions
27
hosts/best/nix-serve/default.nix
Normal file
27
hosts/best/nix-serve/default.nix
Normal file
|
@ -0,0 +1,27 @@
|
|||
{ self, config, lib, pkgs, ... }: let
|
||||
inherit (config.networking) domain;
|
||||
inherit (lib) enabled merge;
|
||||
|
||||
fqdn = "cache.${domain}";
|
||||
port = 8003;
|
||||
in {
|
||||
imports = [(self + /modules/nginx.nix)];
|
||||
|
||||
secrets.nixServeKey = {
|
||||
file = ./key.age;
|
||||
owner = "nix-serve";
|
||||
};
|
||||
|
||||
services.nix-serve = enabled {
|
||||
package = pkgs.nix-serve-ng;
|
||||
secretKeyFile = config.secrets.nixServeKey.path;
|
||||
|
||||
# Not ::1 because nix-serve doesn't like that.
|
||||
bindAddress = "127.0.0.1";
|
||||
inherit port;
|
||||
};
|
||||
|
||||
services.nginx.virtualHosts.${fqdn} = merge config.services.nginx.sslTemplate {
|
||||
locations."/".proxyPass = "http://127.0.0.1:${toString port}";
|
||||
};
|
||||
}
|
8
hosts/best/nix-serve/key.age
Normal file
8
hosts/best/nix-serve/key.age
Normal file
|
@ -0,0 +1,8 @@
|
|||
age-encryption.org/v1
|
||||
-> ssh-ed25519 8y3T6w +fPOWUbuD+JGfimuJnNa0wBpQyxC2nXGLGFdxAhfwns
|
||||
bonLQGaN8rp0KmZHW9efsPyCQ8eujuxEB9p7Ewdp4Bo
|
||||
-> ssh-ed25519 CzqbPQ 91liBCRmtq4YGG8Zz6+ObSEDlGVmA8Jn+NPQzTLQoGY
|
||||
Gurxg2Tp1sdpz7xESiZCVw5BAuMI5vYH/UtdrFH9vd0
|
||||
--- MJVivHhiqkVMke+mib2EZiFeZFX/BnFuEUctH+fdwd4
|
||||
8k
|
||||
Ôh}p©®lðz¾!I{xÃ
<0A>z@SíZy/‘ôC3JÞQ:t¯ñ»NS&<26>CXw<58>·`%ÕûE {£f'Oä<Äq‹<71>ï\‚;yù‚S—AöùÒ!‚Û_Ù<pñJ „@#‰Û·É(Õ63(«/G·ØgãIvÄ%ýºœ†
|
Loading…
Add table
Add a link
Reference in a new issue