Tangled infrastructure definitions in Nix

some targetPort shit

Signed-off-by: Anirudh Oppiliappan <anirudh@tangled.org>

anirudh.fi 307771c0 2a0c44a7

verified
Changed files
+28 -14
+7 -7
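--- a/flake.nix
+++ b/flake.nix
@@ -34,11 +34,11 @@
 };
 
 # Helper function to create colmena host
-mkColmenaHost = hostname: targetHost: extraModules:
+mkColmenaHost = hostname: targetHost: targetPort: extraModules:
 {
 deployment = {
 inherit targetHost;
-targetPort = 22;
+inherit targetPort;
 targetUser = "tangler";
 buildOnTarget = true;
 };
@@ -127,11 +127,11 @@
 environment.systemPackages = [ pkgs.curl ];
 };
 
-appview = mkColmenaHost "appview" hosts.appview.target hosts.appview.modules;
-pds = mkColmenaHost "pds" hosts.pds.target hosts.pds.modules;
-nixery = mkColmenaHost "nixery" hosts.nixery.target hosts.nixery.modules;
-spindle = mkColmenaHost "spindle" hosts.spindle.target hosts.spindle.modules;
-knot1 = mkColmenaHost "knot1" hosts.knot1.target hosts.knot1.modules;
+appview = mkColmenaHost "appview" hosts.appview.target 2222 hosts.appview.modules;
+pds = mkColmenaHost "pds" hosts.pds.target 22 hosts.pds.modules;
+nixery = mkColmenaHost "nixery" hosts.nixery.target 22 hosts.nixery.modules;
+spindle = mkColmenaHost "spindle" hosts.spindle.target 22 hosts.spindle.modules;
+knot1 = mkColmenaHost "knot1" hosts.knot1.target 22 hosts.knot1.modules;
 };
 };
 }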
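Review bot: The SSH port for appview is now written twice, as the literal `2222` in the `mkColmenaHost "appview" …` call and as `openssh.ports = [2222]` in hosts/appview/configuration.nix, and nothing ties the two together; if they drift, colmena dials a port this host's sshd is not on, or port 22, which nginx now relays to another machine. Keeping the port beside `target` in the `hosts` attrset and reading it in one place would avoid that, e.g. `appview = mkColmenaHost "appview" hosts.appview.target (hosts.appview.port or 22) hosts.appview.modules;`, with the sshd option set from the same value. A short comment on the helper such as `# targetPort: SSH port colmena connects to; must match services.openssh.ports on the host` would also document the new positional argument. The `hosts` definition is outside the hunk, so the attribute name is only a suggestion.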
+1
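--- a/hosts/appview/configuration.nix
+++ b/hosts/appview/configuration.nix
@@ -19,6 +19,7 @@
 networking.hostName = "appview-arn";
 services = {
 openssh.enable = true;
+openssh.ports = [2222];
 };
 
 # networking.extraHosts = ''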
+20 -7
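--- a/hosts/appview/services/nginx.nix
+++ b/hosts/appview/services/nginx.nix
@@ -7,6 +7,18 @@
 recommendedOptimisation = true;
 recommendedGzipSettings = true;
 
+streamConfig = ''
+upstream knot-sailor {
+server 94.237.110.185:22;
+}
+
+server {
+listen 22;
+listen [::]:22;
+proxy_pass knot-sailor;
+}
+'';
+
 virtualHosts = {
 # Redirect tangled.sh → tangled.org
 "tangled.sh" = {
@@ -53,13 +65,18 @@
 '';
 
 locations."~ ^/@tangled\\.sh(/.*)?$" = {
-return = "301 https://tangled.org/@tangled.org$1$is_args$args";
+extraConfig = ''
+rewrite ^/@tangled\.sh(.*)$ https://tangled.org/@tangled.org$1 permanent;
+'';
 };
 
 locations."~ ^/tangled\\.sh(/.*)?$" = {
-return = "301 https://tangled.org/tangled.org$1$is_args$args";
+extraConfig = ''
+rewrite ^/tangled\.sh(.*)$ https://tangled.org/tangled.org$1 permanent;
+'';
 };
 
+
 locations."~ /logs$" = {
 proxyPass = "http://127.0.0.1:3000";
 proxyWebsockets = true;
@@ -71,10 +88,6 @@
 locations."/" = {
 proxyPass = "http://127.0.0.1:3000";
 extraConfig = ''
-proxy_set_header Host $host;
-proxy_set_header X-Real-IP $remote_addr;
-proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-proxy_set_header X-Forwarded-Proto $scheme;
 client_max_body_size 100M;
 '';
 };
@@ -83,7 +96,7 @@
 };
 
 # Open firewall ports
-networking.firewall.allowedTCPPorts = [ 80 443 ];
+networking.firewall.allowedTCPPorts = [ 80 443 2222 22 ];
 
 # ACME configuration for Let's Encrypt
 security.acme = {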
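Review bot: The new `streamConfig` block relays every TCP connection arriving on this host's port 22 to 94.237.110.185:22, so the upstream SSH service sees the appview's address as the peer for all clients, and any per-source control or audit trail on that machine (rate limits, ban lists, auth logs) can no longer tell clients apart. If the upstream is stock OpenSSH it cannot consume PROXY protocol, so the client address has to be recorded at the relay: define a stream-level `log_format` and an `access_log` inside the `server { listen 22; … }` block so that connections can be correlated with the upstream's logs. The block also has no comment explaining the relay or why this host's own sshd moved; something like `# Relay SSH on :22 to knot-sailor; this host's own sshd listens on 2222 (see configuration.nix)` above `streamConfig` would make the `2222 22` firewall entry further down self-explanatory. Separately, the last-but-one hunk drops the four `proxy_set_header` lines from `locations."/"`, which is only safe if `recommendedProxySettings` is enabled outside the visible lines; otherwise the backend on 127.0.0.1:3000 loses the client address and scheme.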