configurations of hq services

configuration.nix 2.8KB

  1. [ <nixpkgs/nixos/modules/profiles/minimal.nix>
  2. ];
  3. nix.useSandbox = false; # Nix builds run without the build sandbox, i.e. without its filesystem/network isolation. NOTE(review): presumably required by the container setup — confirm, and re-enable if the container permits it
  4. nix.maxJobs = lib.mkDefault 4; # mkDefault: low-priority value that another module may override
  5. boot.isContainer = true;
  6. # /sbin/init: build an init script; system.extraSystemBuilderCmds symlinks /sbin/init to ../init (presumably this script — confirm)
  7. boot.loader.initScript.enable = true;
  8. boot.loader.grub.enable = false;
  9. #boot.supportedFilesystems = ["zfs" "ext2" "ext3" "vfat" "fat32" "bcache" "bcachefs"];
  10. fileSystems."/" = { fsType = "rootfs"; device = "rootfs"; };
  11. #networking.hostName = "docker-registry"; # Define your hostname.
  12. # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
  13. #networking.useNetworkd = true;
  14. networking = {
  15. hostName = "registry";
  16. # usePredictableInterfacenames = false;
  17. interfaces.eth0.ipv4.addresses = [{
  18. address = "172.22.99.34";
  19. prefixLength = 24;
  20. }];
  21. interfaces.eth0.ipv6.addresses = [{
  22. address= "2a02:8106:208:5201::34"; # NOTE(review): global-unicast address, so the ports opened in the firewall are presumably reachable from the Internet over IPv6 — confirm upstream filtering
  23. prefixLength = 64;
  24. }];
  25. dhcpcd.denyInterfaces = [ "eth0" ]; # eth0 is addressed statically above, so dhcpcd is kept off it
  26. nameservers = [ "8.8.8.8" "9.9.9.9" ]; # public resolvers: DNS lookups leave the local network
  27. defaultGateway = {
  28. address = "172.22.99.1";
  29. interface = "eth0";
  30. metric = 10;
  31. };
  32. #defaultGateway6 = {
  33. # address = "fe80::a800:42ff:fe7a:3246";
  34. # interface = "ens18";
  35. #};
  36. };
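  37. services.openssh.enable = true; # NOTE(review): nothing here restricts SSH to key-based logins; consider services.openssh.passwordAuthentication = false once keys are deployed
  38. # Open ports in the firewall: SSH, plus HTTP and HTTPS for nginx.
  39. networking.firewall.allowedTCPPorts = [
  40. 22
  41. 80
  42. 443
  43. # 5000 is deliberately not listed: nginx reaches the registry via localhost:5000, and opening that port would offer the registry over plain HTTP, bypassing the TLS vhost.
  44. ];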
  45. # Set your time zone.
  46. time.timeZone = "Europe/Berlin";
  47. # Select internationalisation properties.
  48. i18n = {
  49. defaultLocale = "en_US.UTF-8";
  50. supportedLocales = lib.mkForce [ "en_US.UTF-8/UTF-8" ]; # mkForce: this list takes priority over definitions of the option coming from other modules
  51. };
  52. # Packages installed in the system profile. To search for one, run:
  53. # $ nix search wget
  54. environment.systemPackages = with pkgs; [
  55. wget
  56. vim
  57. ];
  58. # Create a few files early before packing tarball for Proxmox
  59. # architecture/OS detection: bin/sh (symlink to bash) and sbin/init (symlink to ../init) in the system output.
  60. system.extraSystemBuilderCmds =
  61. ''
  62. mkdir -m 0755 -p $out/bin
  63. ln -s ${pkgs.bash}/bin/bash $out/bin/sh
  64. mkdir -m 0755 -p $out/sbin
  65. ln -s ../init $out/sbin/init
  66. '';
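  67. services.dockerRegistry.enable = true; # NOTE(review): no authentication is configured for the registry or for the vhost below, so whoever can reach it can presumably push as well as pull images — confirm this is intended, or add access control at the proxy
  68. services.nginx.enable = true;
  69. services.nginx.virtualHosts."registry.hq.c3d2.de" = {
  70. enableACME = true;
  71. # forceSSL replaces the deprecated enableSSL (HTTPS only, nothing served on port 80): plain-HTTP requests are
  72. # redirected to HTTPS, and the ACME challenge path that enableACME sets up is answered on port 80.
  73. forceSSL = true;
  74. # No explicit ACME location is declared: a location key without a leading "/" (".well-known/acme-challenge/")
  75. # never matches a request path in nginx, and enableACME already provides /.well-known/acme-challenge.
  76. locations."/" = {
  77. proxyPass = "http://localhost:5000";
  78. };
  79. extraConfig = ''
  80. client_max_body_size 2048M;
  81. gzip off;
  82. ''; # accepts request bodies up to 2048M (presumably for image layer uploads) and turns gzip off for this vhost
  83. };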
  84. # This value determines the NixOS release with which your system is to be
  85. # compatible, in order to avoid breaking some software such as database
  86. # servers. You should change this only after NixOS release notes say you
  87. # should.
  88. system.stateVersion = "18.09"; # Did you read the comment? NOTE(review): this only pins state compatibility; check separately that the nixpkgs release actually deployed still receives security updates
  89. }