1 changed files with 102 additions and 0 deletions
@ -0,0 +1,102 @@
|
||||
[ <nixpkgs/nixos/modules/profiles/minimal.nix> |
||||
]; |
||||
nix.useSandbox = false; |
||||
nix.maxJobs = lib.mkDefault 4; |
||||
|
||||
boot.isContainer = true; |
||||
# /sbin/init |
||||
boot.loader.initScript.enable = true; |
||||
boot.loader.grub.enable = false; |
||||
#boot.supportedFilesystems = ["zfs" "ext2" "ext3" "vfat" "fat32" "bcache" "bcachefs"]; |
||||
|
||||
fileSystems."/" = { fsType = "rootfs"; device = "rootfs"; }; |
||||
|
||||
#networking.hostName = "docker-registry"; # Define your hostname. |
||||
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. |
||||
#networking.useNetworkd = true; |
||||
|
||||
networking = { |
||||
hostName = "registry"; |
||||
# usePredictableInterfacenames = false; |
||||
interfaces.eth0.ipv4.addresses = [{ |
||||
address = "172.22.99.34"; |
||||
prefixLength = 24; |
||||
}]; |
||||
interfaces.eth0.ipv6.addresses = [{ |
||||
address= "2a02:8106:208:5201::34"; |
||||
prefixLength = 64; |
||||
}]; |
||||
|
||||
dhcpcd.denyInterfaces = [ "eth0" ]; |
||||
|
||||
nameservers = [ "8.8.8.8" "9.9.9.9" ]; |
||||
|
||||
defaultGateway = { |
||||
address = "172.22.99.1"; |
||||
interface = "eth0"; |
||||
metric = 10; |
||||
}; |
||||
#defaultGateway6 = { |
||||
# address = "fe80::a800:42ff:fe7a:3246"; |
||||
# interface = "ens18"; |
||||
#}; |
||||
}; |
||||
|
||||
services.openssh.enable = true; |
||||
|
||||
# Open ports in the firewall. |
||||
networking.firewall.allowedTCPPorts = [ |
||||
22 |
||||
80 |
||||
443 |
||||
5000 |
||||
]; |
||||
|
||||
# Set your time zone. |
||||
time.timeZone = "Europe/Berlin"; |
||||
# Select internationalisation properties. |
||||
i18n = { |
||||
defaultLocale = "en_US.UTF-8"; |
||||
supportedLocales = lib.mkForce [ "en_US.UTF-8/UTF-8" ]; |
||||
}; |
||||
|
||||
# List packages installed in system profile. To search, run: |
||||
# $ nix search wget |
||||
environment.systemPackages = with pkgs; [ |
||||
wget |
||||
vim |
||||
]; |
||||
|
||||
# Create a few files early before packing tarball for Proxmox |
||||
# architecture/OS detection. |
||||
system.extraSystemBuilderCmds = |
||||
'' |
||||
mkdir -m 0755 -p $out/bin |
||||
ln -s ${pkgs.bash}/bin/bash $out/bin/sh |
||||
mkdir -m 0755 -p $out/sbin |
||||
ln -s ../init $out/sbin/init |
||||
''; |
||||
|
||||
services.dockerRegistry.enable = true; |
||||
|
||||
services.nginx.enable = true; |
||||
services.nginx.virtualHosts."registry.hq.c3d2.de" = { |
||||
enableACME = true; |
||||
enableSSL = true; |
||||
# forceSSL = true; |
||||
locations.".well-known/acme-challenge/" = { |
||||
root = "/var/lib/acme/acme-challenge/.well-known/acme-challenge/"; |
||||
}; |
||||
locations."/" = { |
||||
proxyPass = "http://localhost:5000"; |
||||
}; |
||||
}; |
||||
|
||||
# This value determines the NixOS release with which your system is to be |
||||
# compatible, in order to avoid breaking some software such as database |
||||
# servers. You should change this only after NixOS release notes say you |
||||
# should. |
||||
system.stateVersion = "18.09"; # Did you read the comment? |
||||
} |
||||
|
||||
|
Loading…
Reference in new issue