Tangled infrastructure definitions in Nix

some targetPort shit

Signed-off-by: Anirudh Oppiliappan <anirudh@tangled.org>

anirudh.fi 0f14ccb8 f452d828

verified
+28 -14
+7 -7
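--- a/flake.nix
+++ b/flake.nix
@@ -44,11 +44,11 @@
 };
 
 # Helper function to create colmena host
-mkColmenaHost = hostname: targetHost: extraModules:
+mkColmenaHost = hostname: targetHost: targetPort: extraModules:
 {
 deployment = {
 inherit targetHost;
-targetPort = 22;
+inherit targetPort;
 targetUser = "tangler";
 buildOnTarget = true;
 };
@@ -137,11 +137,11 @@
 environment.systemPackages = [ pkgs.curl ];
 };
 
-appview = mkColmenaHost "appview" hosts.appview.target hosts.appview.modules;
-pds = mkColmenaHost "pds" hosts.pds.target hosts.pds.modules;
-nixery = mkColmenaHost "nixery" hosts.nixery.target hosts.nixery.modules;
-spindle = mkColmenaHost "spindle" hosts.spindle.target hosts.spindle.modules;
-knot1 = mkColmenaHost "knot1" hosts.knot1.target hosts.knot1.modules;
+appview = mkColmenaHost "appview" hosts.appview.target 2222 hosts.appview.modules;
+pds = mkColmenaHost "pds" hosts.pds.target 22 hosts.pds.modules;
+nixery = mkColmenaHost "nixery" hosts.nixery.target 22 hosts.nixery.modules;
+spindle = mkColmenaHost "spindle" hosts.spindle.target 22 hosts.spindle.modules;
+knot1 = mkColmenaHost "knot1" hosts.knot1.target 22 hosts.knot1.modules;
 };
 };
 }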
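Review bot: The deployment port for appview is now a bare `2222` at the call site, while the port sshd actually listens on is set separately in hosts/appview/configuration.nix; if the two drift, colmena can no longer reach the host and the fix has to go in out of band. Keeping the port next to `target` in the `hosts` attribute set (defined outside the hunk, so this assumes it can carry one more field) would leave a single place to change, e.g. `appview = mkColmenaHost "appview" hosts.appview.target (hosts.appview.port or 22) hosts.appview.modules;`. The four other call sites repeat the literal `22` and could use the same default. The body of `mkColmenaHost` continues past the end of the first hunk.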
+1
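--- a/hosts/appview/configuration.nix
+++ b/hosts/appview/configuration.nix
@@ -19,6 +19,7 @@
 networking.hostName = "appview-arn";
 services = {
 openssh.enable = true;
+openssh.ports = [2222];
 };
 
 # networking.extraHosts = ''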
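Review bot: Nothing at `openssh.ports = [2222];` says why sshd leaves port 22, and the reason lives in another file: the nginx stream server added in hosts/appview/services/nginx.nix now listens on 22. A comment such as `# sshd on 2222: the nginx stream relay in services/nginx.nix owns port 22` would keep a later cleanup from reverting the port and colliding with nginx. Moving the port does not reduce exposure of the admin login, and the hunk shows no `openssh.settings`, so it is worth confirming that `settings.PasswordAuthentication = false` is set somewhere outside the visible lines.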
+20 -7
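--- a/hosts/appview/services/nginx.nix
+++ b/hosts/appview/services/nginx.nix
@@ -7,6 +7,18 @@
 recommendedOptimisation = true;
 recommendedGzipSettings = true;
 
+streamConfig = ''
+upstream knot-sailor {
+server 94.237.110.185:22;
+}
+
+server {
+listen 22;
+listen [::]:22;
+proxy_pass knot-sailor;
+}
+'';
+
 virtualHosts = {
 # Redirect tangled.sh → tangled.org
 "tangled.sh" = {
@@ -53,13 +65,18 @@
 '';
 
 locations."~ ^/@tangled\\.sh(/.*)?$" = {
-return = "301 https://tangled.org/@tangled.org$1$is_args$args";
+extraConfig = ''
+rewrite ^/@tangled\.sh(.*)$ https://tangled.org/@tangled.org$1 permanent;
+'';
 };
 
 locations."~ ^/tangled\\.sh(/.*)?$" = {
-return = "301 https://tangled.org/tangled.org$1$is_args$args";
+extraConfig = ''
+rewrite ^/tangled\.sh(.*)$ https://tangled.org/tangled.org$1 permanent;
+'';
 };
 
+
 locations."~ /logs$" = {
 proxyPass = "http://127.0.0.1:3000";
 proxyWebsockets = true;
@@ -71,10 +88,6 @@
 locations."/" = {
 proxyPass = "http://127.0.0.1:3000";
 extraConfig = ''
-proxy_set_header Host $host;
-proxy_set_header X-Real-IP $remote_addr;
-proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-proxy_set_header X-Forwarded-Proto $scheme;
 client_max_body_size 100M;
 '';
 };
@@ -83,7 +96,7 @@
 };
 
 # Open firewall ports
-networking.firewall.allowedTCPPorts = [ 80 443 ];
+networking.firewall.allowedTCPPorts = [ 80 443 2222 22 ];
 
 # ACME configuration for Let's Encrypt
 security.acme = {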
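Review bot: The new `streamConfig` server on port 22 relays raw TCP to 94.237.110.185:22 with no logging and no connection limits, so the backend sshd sees every client as this host and the real source address is recorded nowhere. The stream module writes no access log unless one is configured; the sketch below adds a `log_format`/`access_log` pair that keeps `$remote_addr` per relayed session, plus a per-address `limit_conn` and a connect timeout (the numbers and log path are example values to tune). Separately, `locations."/"` no longer sets `Host`, `X-Real-IP`, `X-Forwarded-For` and `X-Forwarded-Proto`; unless `recommendedProxySettings` is enabled outside the visible lines, the app on 127.0.0.1:3000 will attribute every request to loopback. The `2222` entry in `allowedTCPPorts` is likely redundant if `services.openssh.openFirewall` keeps its default of true.

```nix
streamConfig = ''
  # keep the real client address of every relayed SSH session
  log_format ssh_relay '$remote_addr [$time_local] $protocol $status '
                       '$bytes_sent $bytes_received $session_time';
  access_log /var/log/nginx/ssh-relay.log ssh_relay;
  limit_conn_zone $binary_remote_addr zone=ssh_per_ip:1m;

  # … unchanged: upstream knot-sailor …

  server {
    listen 22;
    listen [::]:22;
    limit_conn ssh_per_ip 10;
    proxy_connect_timeout 5s;
    proxy_pass knot-sailor;
  }
'';
```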