From 55ee036fd7ebed24097c8da1ca8a0b0829264670 Mon Sep 17 00:00:00 2001 From: Emile Date: Sat, 9 Mar 2024 22:56:01 +0100 Subject: big bang --- nix/hosts/corrino/www/cs.emile.space.nix | 56 ++++++++++++++++++++++++++++++++ 1 file changed, 56 insertions(+) create mode 100644 nix/hosts/corrino/www/cs.emile.space.nix (limited to 'nix/hosts/corrino/www/cs.emile.space.nix') diff --git a/nix/hosts/corrino/www/cs.emile.space.nix b/nix/hosts/corrino/www/cs.emile.space.nix new file mode 100644 index 0000000..de4d67e --- /dev/null +++ b/nix/hosts/corrino/www/cs.emile.space.nix @@ -0,0 +1,56 @@ +# Run sourcegraph, including its entire machinery, in a container. +# Running it outside of a container is a futile endeavour for now. + +# adapted from https://cs.tvl.fyi/depot/-/blob/ops/modules/sourcegraph.nix + +{ ... }: + +{ + services.nginx.virtualHosts."cs.emile.space" = { + forceSSL = true; + enableACME = true; + + locations = { + "/" = { + proxyPass = "http://127.0.0.1:3463"; + + extraConfig = '' + location = / { + return 301 https://cs.emile.space/hefe; + } + + location / { + proxy_set_header X-Sg-Auth "Anonymous"; + proxy_pass http://localhost:7080; + } + + location /users/Anonymous/settings { + return 301 https://cs.emile.space; + } + ''; + }; + }; + }; + + virtualisation.oci-containers.backend = "docker"; + virtualisation.oci-containers.containers.sourcegraph = { + image = "sourcegraph/server:5.1.1"; + + ports = [ + "127.0.0.1:3463:7080" + ]; + + volumes = [ + "/var/lib/sourcegraph/etc:/etc/sourcegraph" + "/var/lib/sourcegraph/data:/var/opt/sourcegraph" + ]; + + # Sourcegraph needs a higher nofile limit, it logs warnings + # otherwise (unclear whether it actually affects the service). + extraOptions = [ + "--ulimit" + "nofile=10000:10000" + ]; + }; +} + -- cgit 1.4.1