nix-config/hosts/containers/registry/configuration.nix

88 lignes
2.1 KiB
Nix
Brut Annotations Historique

Ce fichier contient des caractères Unicode ambigus.

Ce fichier contient des caractères Unicode qui peuvent être confondus avec d'autres caractères. Si vous pensez que c'est intentionnel, vous pouvez ignorer cet avertissement. Utilisez le bouton Échappe pour les dévoiler.

# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help’).
{ config, pkgs, lib, ... }:
{
imports =
[ ../../../lib/lxc-container.nix
../../../lib/shared.nix
../../../lib/admins.nix
];
networking = {
hostName = "registry";
# usePredictableInterfacenames = false;
interfaces.eth0.ipv4.addresses = [{
address = "172.22.99.34";
prefixLength = 24;
}];
interfaces.eth0.ipv6.addresses = [{
address= "2a02:8106:208:5201::34";
prefixLength = 64;
}];
dhcpcd.denyInterfaces = [ "eth0" ];
defaultGateway = {
address = "172.22.99.1";
interface = "eth0";
metric = 10;
};
#defaultGateway6 = {
# address = "fe80::a800:42ff:fe7a:3246";
# interface = "ens18";
#};
};
# Open ports in the firewall.
networking.firewall.allowedTCPPorts = [
22
80
443
5000
];
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [
wget
vim
];
services.dockerRegistry = {
enable = true;
storagePath = "/srv/docker-registry";
enableGarbageCollect = true;
enableDelete = true;
};
services.nginx.enable = true;
services.nginx.virtualHosts."registry.hq.c3d2.de" = {
# serverAliases = [ "registry.serv.zentralwerk.org" ];
enableACME = true;
enableSSL = true;
# forceSSL = true;
locations.".well-known/acme-challenge/" = {
root = "/var/lib/acme/acme-challenge/.well-known/acme-challenge/";
};
locations."/" = {
proxyPass = "http://localhost:5000";
};
extraConfig = ''
client_max_body_size 4096M;
gzip off;
'';
};
# This value determines the NixOS release with which your system is to be
# compatible, in order to avoid breaking some software such as database
# servers. You should change this only after NixOS release notes say you
# should.
system.stateVersion = "19.03"; # Did you read the comment?
}