Browse Source

radiobert: deploy into serv, add nginx

nek0/mail_redux
Astro 8 months ago
parent
commit
9a7a585f63
  1. 8
      flake.lock
  2. 2
      host-registry.nix
  3. 4
      hosts/containers/public-access-proxy/default.nix
  4. 32
      hosts/radiobert/default.nix

8
flake.lock

@ -198,11 +198,11 @@
"zentralwerk-network-key": "zentralwerk-network-key"
},
"locked": {
"lastModified": 1632346528,
"narHash": "sha256-NHRRcKxdz4JRs7h0L1w+8NQXxhm+pCJyrypnLmy+bWg=",
"lastModified": 1632576605,
"narHash": "sha256-LDMtUOVEPYBfIQ16pyFe+LeZjnFLn8UJsrkCCrBZuZc=",
"ref": "master",
"rev": "44094c1346080aa18ec0e212b29529bbea766188",
"revCount": 1181,
"rev": "a2a04a54bd4f5e110f511b996bfb2463ff891932",
"revCount": 1182,
"type": "git",
"url": "https://gitea.c3d2.de/zentralwerk/network.git"
},

2
host-registry.nix

@ -117,8 +117,6 @@ rec {
ip4 = "172.20.73.45";
ip6 = "2a00:8180:2c00:282:1024:5fff:febd:9be7";
};
radiobert.ip4 = "172.22.99.154";
};
hqGlobal = builtins.attrNames hosts;

4
hosts/containers/public-access-proxy/default.nix

@ -43,6 +43,10 @@
hostNames = [ "mobilizon.c3d2.de" ];
proxyTo.host = hostRegistry.hosts.mobilizon.ip4;
}
{
hostNames = [ "sdr.c3d2.de" ];
proxyTo.host = hostRegistry.hosts.radiobert.ip4;
}
];
};

32
hosts/radiobert/default.nix

@ -1,4 +1,4 @@
{ config, lib, pkgs, modulesPath, ... }:
{ hostRegistry, config, lib, pkgs, modulesPath, ... }:
{
boot.initrd.availableKernelModules = [ "usbhid" ];
@ -47,11 +47,7 @@
firmwareSize = 512;
};
c3d2 = {
isInHq = true;
mapHqHosts = true;
hq.interface = "eth0";
};
c3d2.isInHq = false;
nix = {
buildCores = 4;
@ -60,15 +56,13 @@
networking = {
hostName = "radiobert"; # Define your hostname.
# The global useDHCP flag is deprecated, therefore explicitly set to false here.
# Per-interface useDHCP will be mandatory in the future, so this generated config
# replicates the default behaviour.
useDHCP = false;
interfaces.eth0.useDHCP = true;
interfaces.wlan0.useDHCP = true;
# TODO
firewall.enable = false;
interfaces.eth0.ipv4.addresses = [{
address = hostRegistry.hosts.${config.networking.hostName}.ip4;
prefixLength = 26;
}];
defaultGateway = "172.20.73.1";
firewall.allowedTCPPorts = [ 22 80 443 ];
};
services.openwebrx.enable = true;
@ -105,6 +99,16 @@
extraGroups = [ "wheel" "audio" ];
};
services.nginx = {
enable = true;
recommendedProxySettings = true;
virtualHosts."sdr.hq.c3d2.de" = {
default = true;
forceSSL = true;
enableACME = true;
locations."/".proxyPass = "http://localhost:8073";
};
};
security.acme = {
acceptTerms = true;
email = "mail@c3d2.de";

Loading…
Cancel
Save