From 6e9de7cab779be4f1ffda0bd5acb1b691f86c56e Mon Sep 17 00:00:00 2001 From: korenstin Date: Sun, 15 Jun 2025 10:19:37 +0200 Subject: [PATCH] Configuration de anubis --- hosts/vm/reverseproxy/default.nix | 25 ++----------- hosts/vm/reverseproxy/reverseproxy.nix | 50 ++++++++++++++++++++++++++ modules/services/anubis.nix | 16 +++++++++ 3 files changed, 68 insertions(+), 23 deletions(-) create mode 100644 hosts/vm/reverseproxy/reverseproxy.nix create mode 100644 modules/services/anubis.nix diff --git a/hosts/vm/reverseproxy/default.nix b/hosts/vm/reverseproxy/default.nix index d11816e..9cba21a 100644 --- a/hosts/vm/reverseproxy/default.nix +++ b/hosts/vm/reverseproxy/default.nix @@ -4,9 +4,11 @@ imports = [ ./hardware-configuration.nix ./networking.nix + ./reverseproxy.nix ../../../modules ../../../modules/services/acme.nix + ../../../modules/services/anubis.nix ../../../modules/services/nginx.nix ]; @@ -14,27 +16,4 @@ boot.loader.grub.devices = [ "/dev/sda" ]; system.stateVersion = "25.05"; - - users.users."nginx".home = "/var/lib/nginx"; - - services.nginx.virtualHosts = { - "install-party.crans.org" = { - enableACME = true; - forceSSL = true; - serverAliases = [ - "i-p.crans.org" - "adopteunmanchot.crans.org" - "adopteunpingouin.crans.org" - "i-p.crans.fr" - "install-party.crans.fr" - "adopteunmanchot.crans.fr" - "adopteunpingouin.crans.fr" - "i-p.crans.eu" - "install-party.crans.eu" - "adopteunmanchot.crans.eu" - "adopteunpingouin.crans.eu" - ]; - root = "/var/www/install-party.crans.org"; - }; - }; } diff --git a/hosts/vm/reverseproxy/reverseproxy.nix b/hosts/vm/reverseproxy/reverseproxy.nix new file mode 100644 index 0000000..336a3da --- /dev/null +++ b/hosts/vm/reverseproxy/reverseproxy.nix @@ -0,0 +1,50 @@ +{ ... }: + +{ + users.users."nginx".home = "/var/lib/nginx"; + + services.nginx.virtualHosts = { + # redirection install-party + "install-party.crans.fr" = { + enableACME = true; + forceSSL = true; + serverAliases = [ + "i-p.crans.org" + "adopteunmanchot.crans.org" + "adopteunpingouin.crans.org" + "i-p.crans.fr" + "install-party.crans.fr" + "adopteunmanchot.crans.fr" + "adopteunpingouin.crans.fr" + "i-p.crans.eu" + "install-party.crans.eu" + "adopteunmanchot.crans.eu" + "adopteunpingouin.crans.eu" + ]; + extraConfig = '' + return 301 https://install-party.crans.org$request_uri; + ''; + }; + + # redirection anubis + "anubis" = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://127.0.0.1:7777"; + }; + serverName = "install-party.crans.org"; + }; + + # page install-party + "install-party.crans.org" = { + root = "/var/www/install-party.crans.org"; + listen = [ + { + addr = "localhost"; + port = 8888; + } + ]; + }; + }; +} diff --git a/modules/services/anubis.nix b/modules/services/anubis.nix new file mode 100644 index 0000000..86fb7b5 --- /dev/null +++ b/modules/services/anubis.nix @@ -0,0 +1,16 @@ +{ ... }: + +{ + services.anubis = { + instances."muraille" = { + enable = true; + settings = { + BIND_NETWORK = "tcp"; + BIND = "127.0.0.1:7777"; + TARGET = "http://localhost:8888"; + COOKIE_DOMAIN = "crans.org"; + REDIRECT_DOMAINS = "install-party.crans.org"; + }; + }; + }; +}