crans
/
nixos
mirror of https://gitlab.crans.org/nounous/nixos
19
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

configuration post-factorisation

merge-requests/18/head
korenstin 2025-06-22 20:51:28 +02:00
parent 549dc069f6
commit 5d99a7fea1
3 changed files with 108 additions and 88 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

0
modules/services/anubis.nix → hosts/vm/reverseproxy/anubis.nix
View File

25
hosts/vm/reverseproxy/default.nix
View File

@ -2,18 +2,35 @@
{ {
imports = [ imports = [
./anubis.nix
./hardware-configuration.nix ./hardware-configuration.nix
./networking.nix ./networking.nix
./reverseproxy.nix ./reverseproxy.nix
../../../modules
../../../modules/services/acme.nix
../../../modules/services/anubis.nix
../../../modules/services/nginx.nix
]; ];
networking.hostName = "reverseproxy"; networking.hostName = "reverseproxy";
boot.loader.grub.devices = [ "/dev/sda" ]; boot.loader.grub.devices = [ "/dev/sda" ];
crans = {
enable = true;
networking = {
id = "51";
srvNat.enable = true;
srv = {
enable = true;
interface = "ens20";
ipv4 = "185.230.79.42";
};
};
resticClient.when = "03:42";
services = {
acme.enable = true;
};
};
system.stateVersion = "25.05"; system.stateVersion = "25.05";
} }

171
hosts/vm/reverseproxy/reverseproxy.nix
View File

@ -3,95 +3,98 @@
{ {
users.users."nginx".home = "/var/lib/nginx"; users.users."nginx".home = "/var/lib/nginx";
services.nginx.virtualHosts = services.nginx = {
let anubisConf = [ enable = true;
{ virtualHosts =
addr = "localhost"; let anubisConf = [
port = 8888; {
} addr = "localhost";
]; port = 8888;
in { }
# redirection install-party
"install-party.crans.fr" = {
enableACME = true;
forceSSL = true;
serverAliases = [
"i-p.crans.org"
"adopteunmanchot.crans.org"
"adopteunpingouin.crans.org"
"i-p.crans.fr"
"adopteunmanchot.crans.fr"
"adopteunpingouin.crans.fr"
"i-p.crans.eu"
"install-party.crans.eu"
"adopteunmanchot.crans.eu"
"adopteunpingouin.crans.eu"
]; ];
extraConfig = '' in {
return 301 https://install-party.crans.org$request_uri; # redirection install-party
''; "install-party.crans.fr" = {
}; enableACME = true;
forceSSL = true;
# redirection mediawiki serverAliases = [
"mediawiki.crans.fr" = { "i-p.crans.org"
enableACME = true; "adopteunmanchot.crans.org"
forceSSL = true; "adopteunpingouin.crans.org"
serverAliases = [ "i-p.crans.fr"
"mediakiwi.crans.org" "adopteunmanchot.crans.fr"
"mediakiwi.crans.fr" "adopteunpingouin.crans.fr"
"mediakiwi.crans.eu" "i-p.crans.eu"
"mediawiki.crans.eu" "install-party.crans.eu"
]; "adopteunmanchot.crans.eu"
extraConfig = '' "adopteunpingouin.crans.eu"
return 301 https://mediawiki.crans.org$request_uri; ];
''; extraConfig = ''
}; return 301 https://install-party.crans.org$request_uri;
'';
# redirection wiki
"wiki.crans.fr" = {
enableACME = true;
forceSSL = true;
serverAliases = [
"wikipedia.crans.org"
"wikipedia.crans.fr"
"wikipedia.crans.eu"
"wiki.crans.eu"
];
extraConfig = ''
return 301 https://wiki.crans.org$request_uri;
'';
};
# redirection anubis
"anubis" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://${config.services.anubis.instances."muraille".settings.BIND}";
}; };
serverName = "install-party.crans.org";
serverAliases = [
"mediawiki.crans.org"
"wiki.crans.org"
];
};
# install-party # redirection mediawiki
"install-party.crans.org" = { "mediawiki.crans.fr" = {
root = "/var/www/install-party.crans.org"; enableACME = true;
listen = anubisConf; forceSSL = true;
}; serverAliases = [
"mediakiwi.crans.org"
"mediakiwi.crans.fr"
"mediakiwi.crans.eu"
"mediawiki.crans.eu"
];
extraConfig = ''
return 301 https://mediawiki.crans.org$request_uri;
'';
};
# mediawiki # redirection wiki
"mediawiki.crans.org" = { "wiki.crans.fr" = {
locations."/".proxyPass = "http://172.16.10.144"; enableACME = true;
listen = anubisConf; forceSSL = true;
}; serverAliases = [
"wikipedia.crans.org"
"wikipedia.crans.fr"
"wikipedia.crans.eu"
"wiki.crans.eu"
];
extraConfig = ''
return 301 https://wiki.crans.org$request_uri;
'';
};
# wiki # redirection anubis
"wiki.crans.org" = { "anubis" = {
locations."/".proxyPass = "http://172.16.10.161"; enableACME = true;
listen = anubisConf; forceSSL = true;
locations."/" = {
proxyPass = "http://${config.services.anubis.instances."muraille".settings.BIND}";
};
serverName = "install-party.crans.org";
serverAliases = [
"mediawiki.crans.org"
"wiki.crans.org"
];
};
# install-party
"install-party.crans.org" = {
root = "/var/www/install-party.crans.org";
listen = anubisConf;
};
# mediawiki
"mediawiki.crans.org" = {
locations."/".proxyPass = "http://172.16.10.144";
listen = anubisConf;
};
# wiki
"wiki.crans.org" = {
locations."/".proxyPass = "http://172.16.10.161";
listen = anubisConf;
};
}; };
}; };
} }