nixos-config/modules/nix-serve/default.nix

32 lines
807 B
Nix
Raw Normal View History

2022-06-15 12:00:20 +02:00
{ pkgs, config, lib, ... }:
with lib;
let
cfg = config.eboskma.nix-serve;
in
{
options.eboskma.nix-serve = { enable = mkEnableOption "nix-serve"; };
2022-10-05 11:32:13 +02:00
config = mkIf cfg.enable {
2022-06-15 12:00:20 +02:00
services.nix-serve = {
enable = true;
secretKeyFile = "/var/cache-priv-key.pem";
bindAddress = "127.0.0.1";
};
2022-08-14 16:38:25 +02:00
systemd.tmpfiles.rules = [ "C /run/cache-priv-key.pem 400 nix-serve root - ${config.services.nix-serve.secretKeyFile}" ];
2022-06-15 12:00:20 +02:00
services.nginx = {
enable = true;
recommendedProxySettings = true;
virtualHosts = {
"loki.datarift.nl" = {
serverAliases = [ "loki" ];
locations."/".proxyPass = "http://localhost:${toString config.services.nix-serve.port}";
};
};
};
networking.firewall.allowedTCPPorts = [ 80 ];
};
}