szalotka: fix forgejo container push, add site

2025-01-28 20:06:38 +01:00 · 2025-01-28 20:06:38 +01:00 · 2a5d42cbb1
parent 8e772f47f8
commit 2a5d42cbb1
3 changed files with 22 additions and 0 deletions
--- a/configuration.nix
+++ b/configuration.nix
@ -14,6 +14,7 @@
      ./authentik.nix
      ./forgejo.nix
      ./backups.nix
+      ./site.nix
    ];

  boot.loader.systemd-boot.enable = true;
--- a/forgejo.nix
+++ b/forgejo.nix
@ -55,6 +55,7 @@
      proxyPass = "http://localhost:3001";
    };
  };
+  services.nginx.clientMaxBodySize = "4096m";

  # redirect external port 22 to internal 2223
  networking.firewall.allowedTCPPorts = [ 22 2223 ];
--- a/site.nix
+++ b/site.nix
@ -0,0 +1,20 @@
+{ config, pkgs, lib, ... }:
+
+{
+  virtualisation.podman.enable = true;
+  virtualisation.oci-containers.backend = "podman";
+  virtualisation.oci-containers.containers = {
+    site = {
+      image = "git.orga.cebula.camp/infra/site:golden";
+      ports = [ "10.88.0.1:9001:80" ];
+    };
+  };
+  services.nginx.virtualHosts."cebula.camp" = {
+    forceSSL = true;
+    enableACME = true;
+    locations."/" = {
+      proxyPass = "http://10.88.0.1:9001/";
+      proxyWebsockets = true;
+    };
+  };
+}