configuration
flake
hosts
_iso
aluminium
astatine
backup-4
beryllium
carbon
clerie-backup
dn42-il-gw1
dn42-il-gw5
dn42-il-gw6
dn42-ildix-clerie
dn42-ildix-service
gatekeeper
hydra-1
hydra-2
krypton
mail-2
monitoring-3
nonat
osmium
palladium
porter
storage-2
configuration.nix
firmware.nix
hardware-configuration.nix
mixcloud.nix
secrets.json
ssh.pub
syncthing.nix
users.nix
tungsten
web-2
zinc
lib
modules
pkgs
profiles
users
.gitignore
README.md
flake.lock
flake.nix
38 lines
761 B
Nix
38 lines
761 B
Nix
{ config, lib, pkgs, ... }:
|
|
|
|
with lib;
|
|
|
|
{
|
|
sops.secrets.firmware-htpasswd = {
|
|
owner = "nginx";
|
|
group = "nginx";
|
|
};
|
|
|
|
services.nginx.virtualHosts = {
|
|
"firmware.clerie.de" = {
|
|
enableACME = true;
|
|
forceSSL = true;
|
|
locations."/" = {
|
|
alias = "/data/firmware/";
|
|
basicAuthFile = config.sops.secrets.firmware-htpasswd.path;
|
|
extraConfig = ''
|
|
autoindex on;
|
|
autoindex_exact_size off;
|
|
'';
|
|
};
|
|
};
|
|
};
|
|
|
|
users.users.data-firmware = {
|
|
group = "data-firmware";
|
|
home = "/data/firmware";
|
|
useDefaultShell = true;
|
|
isSystemUser = true;
|
|
};
|
|
users.groups.data-firmware = {};
|
|
|
|
systemd.tmpfiles.rules = [
|
|
"d /data/firmware - data-firmware data-firmware - -"
|
|
];
|
|
}
|