Switch from OCI container to NixOS module.
This commit is contained in:
parent
827217da51
commit
4130730852
GPG key ID:
671E39E6744C807D
2 changed files with 15 additions and 39 deletions
|
|
@ -57,7 +57,6 @@ rec {
|
||||||
pre-commit-hooks = {
|
pre-commit-hooks = {
|
||||||
url = "github:cachix/pre-commit-hooks.nix";
|
url = "github:cachix/pre-commit-hooks.nix";
|
||||||
inputs.nixpkgs.follows = "nixpkgs";
|
inputs.nixpkgs.follows = "nixpkgs";
|
||||||
inputs.nixpkgs-stable.follows = "nixpkgs";
|
|
||||||
};
|
};
|
||||||
|
|
||||||
matrix-appservices = {
|
matrix-appservices = {
|
||||||
|
|
@ -82,7 +81,7 @@ rec {
|
||||||
|
|
||||||
csharp-language-server = {
|
csharp-language-server = {
|
||||||
url = "github:SofusA/csharp-language-server";
|
url = "github:SofusA/csharp-language-server";
|
||||||
inputs.nixpkgs.follows = "nixpkgs";
|
# inputs.nixpkgs.follows = "nixpkgs";
|
||||||
inputs.flake-utils.follows = "flake-utils";
|
inputs.flake-utils.follows = "flake-utils";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
||||||
|
|
@ -1,57 +1,34 @@
|
||||||
{ config, ... }:
|
{ config, ... }:
|
||||||
|
|
||||||
let
|
let
|
||||||
inherit (config.users.users.collabora-office) uid;
|
cfg = config.services.collabora-online;
|
||||||
inherit (config.users.groups.collabora-office) gid;
|
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
virtualisation.oci-containers.containers.collabora-office = {
|
services.collabora-online = {
|
||||||
image = "docker.io/collabora/code";
|
enable = true;
|
||||||
ports = [ "9980:9980" ];
|
aliasGroups = [
|
||||||
environment =
|
|
||||||
let
|
|
||||||
mkAlias = domain: "https://" + (builtins.replaceStrings [ "." ] [ "\\." ] domain) + ":443";
|
|
||||||
in
|
|
||||||
{
|
{
|
||||||
server_name = "office.felschr.com";
|
host = "https://office.felschr.com";
|
||||||
aliasgroup1 = mkAlias "office.felschr.com";
|
aliases = [ "https://cloud.felschr.com" ];
|
||||||
aliasgroup2 = mkAlias "cloud.felschr.com";
|
}
|
||||||
extra_params = "--o:ssl.enable=false --o:ssl.termination=true";
|
|
||||||
};
|
|
||||||
extraOptions = [
|
|
||||||
"--runtime=crun"
|
|
||||||
"--uidmap=0:65534:1"
|
|
||||||
"--gidmap=0:65534:1"
|
|
||||||
"--uidmap=100:${toString uid}:1"
|
|
||||||
"--gidmap=101:${toString gid}:1"
|
|
||||||
"--network=host"
|
|
||||||
"--cap-add=MKNOD"
|
|
||||||
"--cap-add=CHOWN"
|
|
||||||
"--cap-add=FOWNER"
|
|
||||||
"--cap-add=SYS_CHROOT"
|
|
||||||
"--label=io.containers.autoupdate=registry"
|
|
||||||
];
|
];
|
||||||
|
settings = {
|
||||||
|
ssl = {
|
||||||
|
enable = false;
|
||||||
|
termination = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
services.nginx.virtualHosts."office.felschr.com" = {
|
services.nginx.virtualHosts."office.felschr.com" = {
|
||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
locations."/" = {
|
locations."/" = {
|
||||||
proxyPass = "http://127.0.0.1:9980";
|
proxyPass = "http://127.0.0.1:${toString cfg.port}";
|
||||||
proxyWebsockets = true;
|
proxyWebsockets = true;
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
proxy_read_timeout 36000s;
|
proxy_read_timeout 36000s;
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
users.users.collabora-office = {
|
|
||||||
isSystemUser = true;
|
|
||||||
group = "collabora-office";
|
|
||||||
uid = 982;
|
|
||||||
};
|
|
||||||
|
|
||||||
users.groups.collabora-office = {
|
|
||||||
gid = 982;
|
|
||||||
};
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue