54 lines
1.3 KiB
Nix
54 lines
1.3 KiB
Nix
{ zentralwerk, hostRegistry, lib, pkgs, ... }:
|
|
{
|
|
c3d2 = {
|
|
isInHq = true;
|
|
hq.interface = "eth0";
|
|
};
|
|
networking.hostName = "matemat";
|
|
networking.useNetworkd = true;
|
|
networking.interfaces.eth0 = {
|
|
ipv4.addresses = [{
|
|
address = hostRegistry.hosts.matemat.ip4;
|
|
prefixLength = zentralwerk.lib.config.site.net.serv.subnet4Len;
|
|
}];
|
|
};
|
|
networking.defaultGateway = "172.20.73.1";
|
|
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
|
|
|
services.yammat.enable = true;
|
|
|
|
services.nginx = {
|
|
enable = true;
|
|
recommendedProxySettings = true;
|
|
virtualHosts."matemat.hq.c3d2.de" = {
|
|
default = true;
|
|
forceSSL = true;
|
|
enableACME = true;
|
|
locations."/" = {
|
|
proxyPass = "http://localhost:3000";
|
|
extraConfig = ''
|
|
satisfy any;
|
|
auth_basic secured;
|
|
auth_basic_user_file ${pkgs.matemat-auth};
|
|
allow 2a00:8180:2c00:200::/56;
|
|
allow 172.22.99.0/24;
|
|
allow 172.20.72.0/21;
|
|
deny all;
|
|
'';
|
|
};
|
|
};
|
|
};
|
|
|
|
services.ssmtp = {
|
|
enable = true;
|
|
root = "nek0@c3d2.de";
|
|
useTLS = true;
|
|
useSTARTTLS = true;
|
|
hostName = "mail.c3d2.de:587";
|
|
domain = "matemat.hq.c3d2.de";
|
|
settings = {
|
|
hostname = "matemat.hq.c3d2.de";
|
|
};
|
|
};
|
|
}
|