diff options
| author | Kjetil Ørbekk <kj@orbekk.com> | 2018-03-30 16:48:39 -0400 |
|---|---|---|
| committer | Kjetil Ørbekk <kj@orbekk.com> | 2018-03-30 16:48:39 -0400 |
| commit | 716c38c488eda5137b94235898b0af4f28fe236f (patch) | |
| tree | e65d63f1522710f33af6dddeb52bf960f2efe0e7 /machines | |
| parent | 4da40c29d241ec2e49a1eb896f5b12df8f6396b0 (diff) | |
add kick container
Diffstat (limited to 'machines')
| -rw-r--r-- | machines/dragon.nix | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/machines/dragon.nix b/machines/dragon.nix index 184b34f..0097bf3 100644 --- a/machines/dragon.nix +++ b/machines/dragon.nix @@ -29,6 +29,48 @@ packages = [ pkgs.lxc ]; }; + containers.kick = { + autoStart = true; + hostBridge = "br0"; + privateNetwork = true; + config = { config, pkgs, ... }: { + system.activationScripts = { + resolvconf = { + text = '' + chmod +w /etc/resolv.conf + echo nameserver 2001:4860:4860::8888 >> /etc/resolv.conf + chmod -w /etc/resolv.conf + ''; + }; + }; + networking.firewall.allowedTCPPorts = [ 80 443 ]; + networking.nameservers = [ "2001:4860:4860::8888" "2001:4860:4860::8844" ]; + services.nginx = { + enable = true; + virtualHosts = { + "kick.orbekk.no" = { + enableACME = true; + }; + }; + }; + environment.systemPackages = [ + pkgs.simp_le + ]; + nixpkgs.config.packageOverrides = pkgs: { + simp_le = pkgs.stdenv.mkDerivation { + name = "simp_le"; + nativeBuildInputs = [ pkgs.makeWrapper ]; + buildCommand = '' + mkdir -p $out/bin + makeWrapper "${pkgs.simp_le}/bin/simp_le" $out/bin/simp_le \ + --add-flags "--server https://api.buypass.com/acme/directory" \ + --add-flags "--email kj@orbekk.com" \ + --add-flags "--tos_sha256 07c2ac41aff33fe06e27447ea592c503f22967fd43b0e8500cbc8452f28a4bf1" + ''; + }; + }; + }; + }; boot = { kernelParams = [ "console=tty0" ''console="ttyS0,115200n8"'' ]; |