nix-config/hosts/containers/ftp/default.nix

{ config, pkgs, lib, zentralwerk, ... }:

{
  c3d2 = {
    deployment = {
      server = "server9";
      mounts = [ "etc" "var"];
    };
  };

  microvm.mem = 1024;
  microvm.shares = [
    {
      tag = "ftp";
      source = "/tank/storage/ftp";
      mountPoint = "/var/www";
      proto = "virtiofs";
      socket = "ftp.socket";
    }
  ];

  networking = {
    hostName = "ftp";
    firewall.allowedTCPPorts = [ 80 443 ];
  };

  services.nginx = {
    enable = true;
    recommendedOptimisation = true;
    recommendedTlsSettings = true;
    recommendedGzipSettings = true;
    recommendedProxySettings = true;
    sslDhparam = "${config.security.dhparams.params."nginx".path}";
    defaultListenAddresses = [ "0.0.0.0" ];
  };

  services.nginx.virtualHosts."ftp.c3d2.de" = {
    default = true;
    enableACME = true;
    forceSSL = true;
    locations."/" = {
      root = "/var/www/ftp.c3d2.de";
      extraConfig = "autoindex on;";
    };
  };

  security.dhparams = {
    enable = true;
    stateful = true;
    params."nginx".bits = 4096;
  };

  services.openssh.enable = true;

  sops = {
    age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
    secrets = { };
  };

  system.stateVersion = "22.05";
}
ftp: nginx 2022-07-16 20:38:23 +02:00			`{ config, pkgs, lib, zentralwerk, ... }:`

			`{`
			`c3d2 = {`
			`deployment = {`
			`server = "server9";`
			`mounts = [ "etc" "var"];`
			`};`
			`};`

			`microvm.mem = 1024;`
			`microvm.shares = [`
			`{`
			`tag = "ftp";`
			`source = "/tank/storage/ftp";`
			`mountPoint = "/var/www";`
			`proto = "virtiofs";`
			`socket = "ftp.socket";`
			`}`
			`];`

			`networking = {`
			`hostName = "ftp";`
			`firewall.allowedTCPPorts = [ 80 443 ];`
			`};`

			`services.nginx = {`
			`enable = true;`
			`recommendedOptimisation = true;`
			`recommendedTlsSettings = true;`
			`recommendedGzipSettings = true;`
			`recommendedProxySettings = true;`
			`sslDhparam = "${config.security.dhparams.params."nginx".path}";`
			`defaultListenAddresses = [ "0.0.0.0" ];`
			`};`

			`services.nginx.virtualHosts."ftp.c3d2.de" = {`
			`default = true;`
			`enableACME = true;`
			`forceSSL = true;`
			`locations."/" = {`
			`root = "/var/www/ftp.c3d2.de";`
			`extraConfig = "autoindex on;";`
			`};`
			`};`

			`security.dhparams = {`
			`enable = true;`
			`stateful = true;`
			`params."nginx".bits = 4096;`
			`};`

			`services.openssh.enable = true;`

			`sops = {`
			`age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];`
			`secrets = { };`
			`};`

			`system.stateVersion = "22.05";`
			`}`