C3D2
/
nix-config
Watch 16
Star 4
Fork 2
Code Issues 0 Pull Requests 1 Releases 0 Wiki Activity
configurations of hq services
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
90 Commits
5 Branches
Tree: fb9d929bc4
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'fb9d929bc4'
${ noResults }
nix-config/hosts/containers/registry/configuration.nix

configuration.nix 2.1KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687 
  1. # Edit this configuration file to define what should be installed on

  2. # your system.  Help is available in the configuration.nix(5) man page

  3. # and in the NixOS manual (accessible by running ‘nixos-help’).

  4. 

  5. { config, pkgs, lib, ... }:

  6. 

  7. {

  8.   imports =

  9.     [ ../../../lib/lxc-container.nix

  10.     ../../../lib/shared.nix

  11.     ../../../lib/admins.nix

  12.   ];

  13. 

  14.   networking = {

  15.     hostName = "registry";

  16.     # usePredictableInterfacenames = false;

  17.     interfaces.eth0.ipv4.addresses = [{

  18.         address = "172.22.99.34";

  19.         prefixLength = 24;

  20.     }];

  21.     interfaces.eth0.ipv6.addresses = [{

  22.         address= "2a02:8106:208:5201::34";

  23.         prefixLength = 64;

  24.     }];

  25. 

  26.     dhcpcd.denyInterfaces = [ "eth0" ];

  27. 

  28.     defaultGateway = {

  29.        address = "172.22.99.1";

  30.        interface = "eth0";

  31.        metric = 10;

  32.     };

  33.     #defaultGateway6 = {

  34.     #  address = "fe80::a800:42ff:fe7a:3246";

  35.     #  interface = "ens18";

  36.     #};

  37.   };

  38.   

  39.   # Open ports in the firewall.

  40.   networking.firewall.allowedTCPPorts = [

  41.     22

  42.     80

  43.     443

  44.     5000

  45.    ]; 

  46. 

  47. 

  48.   # List packages installed in system profile. To search, run:

  49.   # $ nix search wget

  50.   environment.systemPackages = with pkgs; [

  51.     wget

  52.     vim

  53.   ];

  54.   

  55.   services.dockerRegistry = {

  56.     enable = true;

  57.     storagePath = "/srv/docker-registry";

  58.     enableGarbageCollect = true;

  59.     enableDelete = true;

  60.   };

  61. 

  62.   services.nginx.enable = true;

  63.   services.nginx.virtualHosts."registry.hq.c3d2.de" = {

  64.     # serverAliases = [ "registry.serv.zentralwerk.org" ];

  65.     enableACME = true;

  66.     enableSSL = true;

  67.     # forceSSL = true;

  68.     locations.".well-known/acme-challenge/" = {

  69.            root = "/var/lib/acme/acme-challenge/.well-known/acme-challenge/";

  70.     };

  71.     locations."/" = {

  72.            proxyPass = "http://localhost:5000";

  73.     };

  74.     extraConfig = ''

  75.       client_max_body_size 4096M;

  76.       gzip off;

  77.     '';

  78.   };

  79. 

  80.   # This value determines the NixOS release with which your system is to be

  81.   # compatible, in order to avoid breaking some software such as database

  82.   # servers. You should change this only after NixOS release notes say you

  83.   # should.

  84.   system.stateVersion = "19.03"; # Did you read the comment?

  85. }

  86.