add docker registry
Daniel Poelzleithner
parent
52792901bd
commit
bde5a3d467
|
|
@ -0,0 +1,102 @@
|
|||
[ <nixpkgs/nixos/modules/profiles/minimal.nix>
|
||||
];
|
||||
nix.useSandbox = false;
|
||||
nix.maxJobs = lib.mkDefault 4;
|
||||
|
||||
boot.isContainer = true;
|
||||
# /sbin/init
|
||||
boot.loader.initScript.enable = true;
|
||||
boot.loader.grub.enable = false;
|
||||
#boot.supportedFilesystems = ["zfs" "ext2" "ext3" "vfat" "fat32" "bcache" "bcachefs"];
|
||||
|
||||
fileSystems."/" = { fsType = "rootfs"; device = "rootfs"; };
|
||||
|
||||
#networking.hostName = "docker-registry"; # Define your hostname.
|
||||
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
|
||||
#networking.useNetworkd = true;
|
||||
|
||||
networking = {
|
||||
hostName = "registry";
|
||||
# usePredictableInterfacenames = false;
|
||||
interfaces.eth0.ipv4.addresses = [{
|
||||
address = "172.22.99.34";
|
||||
prefixLength = 24;
|
||||
}];
|
||||
interfaces.eth0.ipv6.addresses = [{
|
||||
address= "2a02:8106:208:5201::34";
|
||||
prefixLength = 64;
|
||||
}];
|
||||
|
||||
dhcpcd.denyInterfaces = [ "eth0" ];
|
||||
|
||||
nameservers = [ "8.8.8.8" "9.9.9.9" ];
|
||||
|
||||
defaultGateway = {
|
||||
address = "172.22.99.1";
|
||||
interface = "eth0";
|
||||
metric = 10;
|
||||
};
|
||||
#defaultGateway6 = {
|
||||
# address = "fe80::a800:42ff:fe7a:3246";
|
||||
# interface = "ens18";
|
||||
#};
|
||||
};
|
||||
|
||||
services.openssh.enable = true;
|
||||
|
||||
# Open ports in the firewall.
|
||||
networking.firewall.allowedTCPPorts = [
|
||||
22
|
||||
80
|
||||
443
|
||||
5000
|
||||
];
|
||||
|
||||
# Set your time zone.
|
||||
time.timeZone = "Europe/Berlin";
|
||||
# Select internationalisation properties.
|
||||
i18n = {
|
||||
defaultLocale = "en_US.UTF-8";
|
||||
supportedLocales = lib.mkForce [ "en_US.UTF-8/UTF-8" ];
|
||||
};
|
||||
|
||||
# List packages installed in system profile. To search, run:
|
||||
# $ nix search wget
|
||||
environment.systemPackages = with pkgs; [
|
||||
wget
|
||||
vim
|
||||
];
|
||||
|
||||
# Create a few files early before packing tarball for Proxmox
|
||||
# architecture/OS detection.
|
||||
system.extraSystemBuilderCmds =
|
||||
''
|
||||
mkdir -m 0755 -p $out/bin
|
||||
ln -s ${pkgs.bash}/bin/bash $out/bin/sh
|
||||
mkdir -m 0755 -p $out/sbin
|
||||
ln -s ../init $out/sbin/init
|
||||
'';
|
||||
|
||||
services.dockerRegistry.enable = true;
|
||||
|
||||
services.nginx.enable = true;
|
||||
services.nginx.virtualHosts."registry.hq.c3d2.de" = {
|
||||
enableACME = true;
|
||||
enableSSL = true;
|
||||
# forceSSL = true;
|
||||
locations.".well-known/acme-challenge/" = {
|
||||
root = "/var/lib/acme/acme-challenge/.well-known/acme-challenge/";
|
||||
};
|
||||
locations."/" = {
|
||||
proxyPass = "http://localhost:5000";
|
||||
};
|
||||
};
|
||||
|
||||
# This value determines the NixOS release with which your system is to be
|
||||
# compatible, in order to avoid breaking some software such as database
|
||||
# servers. You should change this only after NixOS release notes say you
|
||||
# should.
|
||||
system.stateVersion = "18.09"; # Did you read the comment?
|
||||
}
|
||||
|
||||
|
||||
Loading…
Reference in New Issue