add nginx webserver

2024-11-09 07:43:31 -06:00
parent c724557c9e
commit 672b90933c
7 changed files with 59 additions and 15 deletions
--- a/system-config/services/containers/authentik-nix/default.nix
+++ b/system-config/services/containers/authentik-nix/default.nix
@@ -5,10 +5,6 @@
        default = false;
    };

-    imports = [
-        inputs.authentik-nix.nixosModules.default
-    ];
-
    config = lib.mkIf config.sysconfig.opts.virtualization.authentik.enable {

        sops.templates."authentik.env" = {
@@ -33,6 +29,10 @@
                };
            };
            config = {
+
+                imports = [
+                    inputs.authentik-nix.nixosModules.default
+                ];
                
                services.authentik = {

@@ -43,6 +43,8 @@
                        avatars = "initials";
                    };
                };
+
+                networking.firewall.enable = false;
            };
        };

--- a/system-config/services/containers/default.nix
+++ b/system-config/services/containers/default.nix
@@ -4,5 +4,6 @@
        ./gitlab
        ./traefik
        ./authentik-nix
+        ./nginx
    ];
 }
--- a/system-config/services/containers/httpd/default.nix
+++ b/system-config/services/containers/httpd/default.nix
--- a/system-config/services/containers/nginx/default.nix
+++ b/system-config/services/containers/nginx/default.nix
@@ -0,0 +1,39 @@
+{ config, lib, ... }: {
+    
+    options.sysconfig.opts.virtualization."blunkall.us".enable = lib.mkOption {
+        type = lib.types.bool;
+        default = false;
+    };
+
+    config = lib.mkIf config.sysconfig.opts.virtualization."blunkall.us".enable {
+
+        containers.blunkall_us = {
+
+            autoStart = true;
+            privateNetwork = true;
+            hostAddress = "192.168.100.10";
+            localAddress = "192.168.100.13";
+
+            bindMounts = {
+                "/var/www/data" = {
+                    hostPath = "/ssd1/blunkall_us/data";
+                    isReadOnly = false;
+                };
+            };
+
+            config = {
+
+                services.nginx = {
+                    enable = true;
+                    virtualHosts."blunkall.us" = {
+                        enableACME = false;
+                        forceSSL = false;
+                        root = "/var/www/data";
+                    };
+                };
+
+                networking.firewall.allowedTCPPorts = [ 80 ];
+            };
+        };
+    };
+}
--- a/system-config/services/containers/traefik/default.nix
+++ b/system-config/services/containers/traefik/default.nix
@@ -176,7 +176,7 @@
                            services = {
                                #gitlab.loadBalancer.servers = [ { url = "http://192.168.100.12:80"; } ];

-                                homepage.loadBalancer.servers = [ { url = "http://192.168.100.10:8000"; } ];
+                                homepage.loadBalancer.servers = [ { url = "http://192.168.100.13:80"; } ];
                            };
                        };
                    };