75 lines
2.0 KiB
Nix
75 lines
2.0 KiB
Nix
# Edit this configuration file to define what should be installed on
|
||
# your system. Help is available in the configuration.nix(5) man page
|
||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
||
|
||
{ config, pkgs, lib, ... }:
|
||
|
||
{
|
||
imports = [
|
||
../../../lib/lxc-container.nix
|
||
../../../lib/shared.nix
|
||
../../../lib/admins.nix
|
||
];
|
||
|
||
networking = {
|
||
hostName = "registry";
|
||
# usePredictableInterfacenames = false;
|
||
interfaces.eth0.ipv4.addresses = [{
|
||
address = "172.22.99.34";
|
||
prefixLength = 24;
|
||
}];
|
||
interfaces.eth0.ipv6.addresses = [{
|
||
address = "2a02:8106:208:5201::34";
|
||
prefixLength = 64;
|
||
}];
|
||
|
||
dhcpcd.denyInterfaces = [ "eth0" ];
|
||
|
||
defaultGateway = {
|
||
address = "172.22.99.1";
|
||
interface = "eth0";
|
||
metric = 10;
|
||
};
|
||
#defaultGateway6 = {
|
||
# address = "fe80::a800:42ff:fe7a:3246";
|
||
# interface = "ens18";
|
||
#};
|
||
};
|
||
|
||
# Open ports in the firewall.
|
||
networking.firewall.allowedTCPPorts = [ 22 80 443 5000 ];
|
||
|
||
# List packages installed in system profile. To search, run:
|
||
# $ nix search wget
|
||
environment.systemPackages = with pkgs; [ wget vim ];
|
||
|
||
services.dockerRegistry = {
|
||
enable = true;
|
||
storagePath = "/srv/docker-registry";
|
||
enableGarbageCollect = true;
|
||
enableDelete = true;
|
||
};
|
||
|
||
services.nginx.enable = true;
|
||
services.nginx.virtualHosts."registry.hq.c3d2.de" = {
|
||
# serverAliases = [ "registry.serv.zentralwerk.org" ];
|
||
enableACME = true;
|
||
onlySSL = true;
|
||
locations.".well-known/acme-challenge/" = {
|
||
root = "/var/lib/acme/acme-challenge/.well-known/acme-challenge/";
|
||
};
|
||
locations."/" = { proxyPass = "http://localhost:5000"; };
|
||
extraConfig = ''
|
||
client_max_body_size 4096M;
|
||
gzip off;
|
||
'';
|
||
};
|
||
|
||
# This value determines the NixOS release with which your system is to be
|
||
# compatible, in order to avoid breaking some software such as database
|
||
# servers. You should change this only after NixOS release notes say you
|
||
# should.
|
||
system.stateVersion = "19.03"; # Did you read the comment?
|
||
}
|
||
|