diff options
author | Emile <git@emile.space> | 2024-03-09 22:56:01 +0100 |
---|---|---|
committer | Emile <git@emile.space> | 2024-03-09 22:56:01 +0100 |
commit | 55ee036fd7ebed24097c8da1ca8a0b0829264670 (patch) | |
tree | 9c600d75a4f59f8ec253c5caadc1f77b2cecb0da /nix/hosts/corrino/www/magic-hash.emile.space.nix |
big bang
Diffstat (limited to 'nix/hosts/corrino/www/magic-hash.emile.space.nix')
-rw-r--r-- | nix/hosts/corrino/www/magic-hash.emile.space.nix | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/nix/hosts/corrino/www/magic-hash.emile.space.nix b/nix/hosts/corrino/www/magic-hash.emile.space.nix new file mode 100644 index 0000000..05446ea --- /dev/null +++ b/nix/hosts/corrino/www/magic-hash.emile.space.nix @@ -0,0 +1,33 @@ +{ config, ... }: + +{ + services.nginx.virtualHosts."magic-hash.emile.space" = { + forceSSL = true; + enableACME = true; + + locations = { + "/" = { + proxyPass = "http://127.0.0.1:8339"; + }; + }; + }; + + virtualisation.oci-containers = { + backend = "docker"; + containers = { + "ctfd" = { + image = "magic-hash"; + ports = [ + "8338:80" + ]; + environment = { + + # this is not encouraged, but should work for the weekend (this is a + # flag, not a password, so even if it get's leaked, the worst that + # can happen is that people could enter it somewhere) + "FLAG" = builtins.readFile config.age.secrets.magic-hash-flag.path; + }; + }; + }; + }; +} |