Mover storage-ng to server7/storage

2020-01-26 18:49:43 +01:00 · 2020-01-26 18:49:43 +01:00 · 5432f02510
parent 8d1d2b5fda
commit 5432f02510
3 changed files with 45 additions and 29 deletions
--- a/host-registry.nix
+++ b/host-registry.nix
@ -58,6 +58,7 @@ rec {
    };
    server7.publicKey =
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMiDm1b0NubTtcE9NuKrIpEOea5oS/yCW0Ncoaf/w3uy";
+    storage = { };

  };

--- a/hosts/server7/containers/storage/default.nix
+++ b/hosts/server7/containers/storage/default.nix
@ -0,0 +1,44 @@
+name:
+
+(import ../outer-defaults.nix name) // {
+
+  bindMounts."/srv/files" = {
+    hostPath = "/srv/ceph/c3d2/files";
+    isReadOnly = true;
+  };
+
+  config = { config, pkgs, lib, ... }: {
+    imports = [ ../inner-defaults.nix ];
+
+    c3d2.hq.statistics.enable = true;
+
+    services.nginx = {
+      enable = true;
+      package = pkgs.nginx.override {
+        modules = with pkgs.nginxModules; [ fancyindex ];
+      };
+      virtualHosts = {
+        "storage.hq.c3d2.de" = {
+          default = true;
+          http2 = true;
+          # addSSL = true;
+          locations = {
+            "/" = let authFile = pkgs.writeText "htpasswd" "k-ot:sawCOTsl/fIUY";
+            in {
+              alias = "/srv/files/";
+              extraConfig = ''
+                		auth_basic "Chaos";
+                		auth_basic_user_file ${authFile};
+                                fancyindex on;
+                                # autoindex on;
+                              '';
+            };
+          };
+        };
+      };
+    };
+
+    networking.firewall.enable = false;
+  };
+
+}
--- a/hosts/storage-ng/configuration.nix
+++ b/hosts/storage-ng/configuration.nix
@ -106,38 +106,9 @@ in {
    root = "/mnt/cephfs/c3d2/tftp";
  };

-  services.nginx = {
-    enable = true;
-    #modules = [ pkgs.nginxModules.nixfancyindex ];
-    package =
-      pkgs.nginx.override { modules = with pkgs.nginxModules; [ fancyindex ]; };
-    virtualHosts = {
-      "storage-ng.hq.c3d2.de" = {
-        root = "/etc/nixos/www";
-        serverAliases = [ "storage" "storage2" "storageng" ];
-        http2 = true;
-        # addSSL = true;
-        locations = {
-          "/" = let authFile = pkgs.writeText "htpasswd" "k-ot:sawCOTsl/fIUY";
-          in {
-            alias = "/mnt/cephfs/c3d2/files/";
-            extraConfig = ''
-              		auth_basic "Chaos";
-              		auth_basic_user_file ${authFile};
-                              fancyindex on;
-                              # autoindex on;
-                            '';
-          };
-        };
-      };
-    };
-  };
-
  /* # Open ports in the firewall.
     networking.firewall.allowedTCPPorts = [
       23
-       80
-       443
      ];
     networking.firewall.allowedUDPPorts = [
       69