From e46a7a0d4343e1005d58472965db0da3c2b116ca Mon Sep 17 00:00:00 2001 From: Marek Paśnikowski Date: Tue, 8 Oct 2024 17:44:19 +0200 Subject: refactor(izumi): isolate (nginx) service --- systems/izumi/izumi.scm | 79 +++++++++++++++++++++++++------------------------ 1 file changed, 41 insertions(+), 38 deletions(-) (limited to 'systems') diff --git a/systems/izumi/izumi.scm b/systems/izumi/izumi.scm index 4dc45e4..be76f84 100644 --- a/systems/izumi/izumi.scm +++ b/systems/izumi/izumi.scm @@ -231,6 +231,46 @@ (define mapped-devices-izumi (mapped-devices-izumi)) +(define (nginx) + (service nginx-service-type* + (nginx-configuration + (server-blocks + (list + ;; Top-Level + (nginx-server-configuration + (locations + (list + (nginx-location-configuration + (uri "/.well-known" ) + (body + (list "root /srv/www/marek/marekpasnikowski.pl ;"))))) + (listen (list "192.168.10.2:443 ssl")) + (root "/srv/www/marek/marekpasnikowski.pl") + (server-name ( list "marekpasnikowski.pl")) + (ssl-certificate + "/etc/letsencrypt/live/marekpasnikowski.pl/fullchain.pem") + (ssl-certificate-key + "/etc/letsencrypt/live/marekpasnikowski.pl/privkey.pem")) + ;; Radicale + (nginx-server-configuration + (locations + (list + (nginx-location-configuration + (body + (list + "proxy_pass http://localhost:5232/ ;" + "proxy_set_header X-Script-Name \"\" ;" + "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for ;" + "proxy_set_header Host $http_host ;" + "proxy_pass_header Authorization ;")) + (uri "/")) + (nginx-location-configuration + (body + (list "root /srv/www/marek/marekpasnikowski.pl ;")) + (uri "/.well-known")))) + (listen (list "192.168.10.2:443 ssl")) + (server-name (list "radicale.marekpasnikowski.pl")))))))) + (define (openssh) (service openssh-service-type)) @@ -396,46 +436,9 @@ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK4THTYnHCc/ihCJNKJtGTNu1zCnLndbMHnxnrxzJk+N marek@izumi\n") ) ) ) ( service plasma-desktop-service-type ) ( service syncthing-service-type ( syncthing-configuration ( user "marek" ) ) ) - (service nginx-service-type* - ( nginx-configuration - ( server-blocks - ( list - ;; Top-Level - ( nginx-server-configuration - ( locations - ( list - ( nginx-location-configuration - ( uri "/.well-known" ) - ( body - ( list "root /srv/www/marek/marekpasnikowski.pl ;" ) ) ) ) ) - ( listen ( list "192.168.10.2:443 ssl" ) ) - ( root "/srv/www/marek/marekpasnikowski.pl" ) - ( server-name ( list "marekpasnikowski.pl" ) ) - ( ssl-certificate - "/etc/letsencrypt/live/marekpasnikowski.pl/fullchain.pem" ) - ( ssl-certificate-key - "/etc/letsencrypt/live/marekpasnikowski.pl/privkey.pem" ) ) - ;; Radicale - ( nginx-server-configuration - ( locations - ( list - ( nginx-location-configuration - ( body - ( list - "proxy_pass http://localhost:5232/ ;" - "proxy_set_header X-Script-Name \"\" ;" - "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for ;" - "proxy_set_header Host $http_host ;" - "proxy_pass_header Authorization ;" ) ) - ( uri "/" ) ) - ( nginx-location-configuration - ( body - ( list "root /srv/www/marek/marekpasnikowski.pl ;" ) ) - ( uri "/.well-known" ) ) ) ) - ( listen ( list "192.168.10.2:443 ssl" ) ) - ( server-name ( list "radicale.marekpasnikowski.pl" ) ) ) ) ) ) ) (etc-mailname) (home-services) + (nginx) (openssh) (radicale)))) -- cgit v1.2.3