Temporarily host fmap/muflax65ngodyewp.onion
parent
1928755491
commit
496a9b41ee
2
conf
2
conf
|
@ -15,7 +15,7 @@ remote)
|
|||
eval ${@:2}
|
||||
;;
|
||||
remote-new)
|
||||
export NIX_PATH="nixpkgs=https://nixos.org/channels/nixos-16.03/nixexprs.tar.xz:ssh-id-file=`pwd`/deploy_key":secrets=`pwd`/secrets.nix
|
||||
export NIX_PATH="nixpkgs=https://nixos.org/channels/nixos-16.03/nixexprs.tar.xz:ssh-id-file=`pwd`/deploy_key":secrets=`pwd`/secrets.nix:muflax-blog=./vendor/muflax-blog
|
||||
eval ${@:2}
|
||||
;;
|
||||
local-deploy)
|
||||
|
|
|
@ -0,0 +1,50 @@
|
|||
{ pkgs, config, lib, ... }:
|
||||
|
||||
|
||||
let
|
||||
cfg = config.services.muflax-blog;
|
||||
blog = lib.overrideDerivation (pkgs.callPackage <muflax-blog/maintenance> {}) (default: {
|
||||
buildPhase = default.buildPhase + "\n" + ''
|
||||
grep -lr '[^@]muflax.com' out | xargs -r sed -i 's/\([^@]\)muflax.com/\1${cfg.hidden-service.hostname}/g'
|
||||
'';
|
||||
});
|
||||
in with lib; {
|
||||
options.services.muflax-blog = {
|
||||
enable = mkOption { type = types.bool; default = false; };
|
||||
web-server = {
|
||||
port = mkOption { type = types.int; };
|
||||
};
|
||||
hidden-service = {
|
||||
hostname = mkOption { type = types.str; };
|
||||
private_key = mkOption { type = types.str; };
|
||||
};
|
||||
};
|
||||
config = mkIf cfg.enable {
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
httpConfig = ''
|
||||
server {
|
||||
index index.html;
|
||||
port_in_redirect off;
|
||||
listen 127.0.0.1:${toString cfg.web-server.port};
|
||||
server_name ${cfg.hidden-service.hostname};
|
||||
root ${blog}/muflax;
|
||||
}
|
||||
'' + concatStringsSep "\n" (map (site: ''
|
||||
server {
|
||||
index index.html;
|
||||
port_in_redirect off;
|
||||
listen 127.0.0.1:${toString cfg.web-server.port};
|
||||
server_name ${site}.${cfg.hidden-service.hostname};
|
||||
root ${blog}/${site};
|
||||
}
|
||||
'') ["daily" "gospel" "blog"]);
|
||||
};
|
||||
services.tor.hiddenServices = [{
|
||||
name = "muflax-blog";
|
||||
remote_port = 80;
|
||||
inherit (cfg.web-server) port;
|
||||
inherit (cfg.hidden-service) hostname private_key;
|
||||
}];
|
||||
};
|
||||
}
|
|
@ -18,6 +18,7 @@ in
|
|||
../modules/mailz.nix
|
||||
../modules/nginx.nix
|
||||
../modules/tor-hidden-service.nix
|
||||
../modules/muflax-blog.nix
|
||||
];
|
||||
|
||||
networking.hostName = secrets.hostnames.pennyworth;
|
||||
|
@ -143,4 +144,15 @@ in
|
|||
chown -R prosody:prosody /var/lib/prosody
|
||||
'';
|
||||
networking.firewall.allowedTCPPorts = [5222 5269];
|
||||
|
||||
services.muflax-blog = {
|
||||
enable = true;
|
||||
web-server = {
|
||||
port = 9001;
|
||||
};
|
||||
hidden-service = {
|
||||
hostname = "muflax65ngodyewp.onion";
|
||||
private_key = "/run/keys/torkeys/http.muflax.key";
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -0,0 +1 @@
|
|||
Subproject commit e5ce7ae4296c6605a7e886c153d569fc38318096
|
Loading…
Reference in New Issue