90 lines
1.8 KiB
Nix
90 lines
1.8 KiB
Nix
{ modulesPath, pkgs, unstable, config, ... }:
|
|
|
|
{
|
|
imports = [
|
|
# Include the default lxd configuration.
|
|
"${modulesPath}/virtualisation/proxmox-lxc.nix"
|
|
# Include the container-specific autogenerated configuration.
|
|
./lxd.nix
|
|
];
|
|
|
|
networking = {
|
|
dhcpcd.enable = false;
|
|
useDHCP = false;
|
|
useHostResolvConf = false;
|
|
firewall.enable = false;
|
|
nameservers = ["192.168.1.155" "1.1.1.1"];
|
|
};
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
git
|
|
curl
|
|
vim
|
|
];
|
|
|
|
services.nginx = {
|
|
enable = true;
|
|
};
|
|
|
|
services.nginx.virtualHosts."forgejo.nix02.cluster" = {
|
|
locations."/" = {
|
|
proxyPass = "http://127.0.0.1:8312";
|
|
proxyWebsockets = true;
|
|
};
|
|
};
|
|
|
|
services.nginx.virtualHosts."forge.amy.mov" = {
|
|
locations."/" = {
|
|
proxyPass = "http://127.0.0.1:8312";
|
|
proxyWebsockets = true;
|
|
};
|
|
};
|
|
|
|
services.forgejo = {
|
|
enable = true;
|
|
package = unstable.forgejo;
|
|
settings = {
|
|
server = {
|
|
HTTP_PORT = 8312;
|
|
ROOT_URL = "https://forge.amy.mov";
|
|
};
|
|
};
|
|
|
|
database = {
|
|
createDatabase = false;
|
|
|
|
type = "postgres";
|
|
host = "nix01.cluster";
|
|
name = "forgejo";
|
|
user = "forgejo";
|
|
passwordFile = config.age.secrets."forgejo.dbpass".path;
|
|
};
|
|
};
|
|
|
|
services.authentik = {
|
|
enable = true;
|
|
environmentFile = config.age.secrets."authentik.env".path;
|
|
|
|
nginx = {
|
|
enable = true;
|
|
enableACME = false;
|
|
host = "auth.nix02.cluster";
|
|
};
|
|
|
|
createDatabase = false;
|
|
|
|
settings = {
|
|
postgresql = {
|
|
host = "nix01.cluster";
|
|
user = "authentik";
|
|
password = "authentik";
|
|
name = "authentik";
|
|
};
|
|
|
|
disable_startup_analytics = true;
|
|
avatars = "initials";
|
|
};
|
|
};
|
|
|
|
system.stateVersion = "24.11"; # Did you read the comment?
|
|
}
|