Setup ikiwiki host

This commit is contained in:
fi 2024-11-12 21:32:47 +01:00
parent abc3c08a7a
commit e1d39fb8d4
Signed by: fi
SSH key fingerprint: SHA256:d+6fQoDPMbSFK95zRVflRKZLRKF4cPSQb7VIxYkhFsA
7 changed files with 97 additions and 3 deletions

View file

@ -0,0 +1,27 @@
{ ... }:
{
boot.loader.grub = {
enable = true;
device = "/dev/vda";
};
networking = {
hostName = "ikiwiki";
firewall = {
enable = true;
allowedTCPPorts = [ 80 8443 ];
};
};
fileSystems = {
# partition data disk with `sudo mkfs.ext4 /dev/vdx`
# label data disk with `e2label /dev/vdx "data"`
"/mnt/data" = {
device = "/dev/disk/by-label/data";
fsType = "ext4";
autoResize = true;
};
};
system.stateVersion = "24.05";
}

View file

@ -0,0 +1,8 @@
{ ... }:
{
imports = [
./configuration.nix
./ikiwiki.nix
./nginx.nix
];
}

View file

@ -0,0 +1,17 @@
{ pkgs, config, ... }:
{
environment.systemPackages = with pkgs; [
ikiwiki-full
];
services.fcgiwrap.instances."ikiwiki" = {
socket = {
user = config.services.nginx.user;
group = config.services.nginx.group;
};
process = {
user = config.services.nginx.user;
group = config.services.nginx.group;
};
};
}

View file

@ -0,0 +1,39 @@
{ pkgs, ... }:
{
services.nginx = {
enable = true;
virtualHosts."fi.nekover.se" = {
forceSSL = true;
enableACME = true;
listen = [
{
addr = "0.0.0.0";
port = 80;
}
{
addr = "0.0.0.0";
port = 8443;
ssl = true;
extraParameters = [ "proxy_protocol" ];
}
];
root = "/mnt/data/public_html/fi-zone";
locations = {
"/" = {
tryFiles = "$uri $uri/ =404";
};
"~ .cgi" = {
extraConfig = ''
gzip off;
fastcgi_pass unix:/var/run/fcgiwrap-ikiwiki.sock;
include ${pkgs.nginx}/conf/fastcgi_params;
'';
};
};
extraConfig = ''
set_real_ip_from 10.202.41.100;
real_ip_header proxy_protocol;
'';
};
};
}