From 55ee036fd7ebed24097c8da1ca8a0b0829264670 Mon Sep 17 00:00:00 2001 From: Emile Date: Sat, 9 Mar 2024 22:56:01 +0100 Subject: big bang --- nix/hosts/corrino/www/magic-hash.emile.space.nix | 33 ++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 nix/hosts/corrino/www/magic-hash.emile.space.nix (limited to 'nix/hosts/corrino/www/magic-hash.emile.space.nix') diff --git a/nix/hosts/corrino/www/magic-hash.emile.space.nix b/nix/hosts/corrino/www/magic-hash.emile.space.nix new file mode 100644 index 0000000..05446ea --- /dev/null +++ b/nix/hosts/corrino/www/magic-hash.emile.space.nix @@ -0,0 +1,33 @@ +{ config, ... }: + +{ + services.nginx.virtualHosts."magic-hash.emile.space" = { + forceSSL = true; + enableACME = true; + + locations = { + "/" = { + proxyPass = "http://127.0.0.1:8339"; + }; + }; + }; + + virtualisation.oci-containers = { + backend = "docker"; + containers = { + "ctfd" = { + image = "magic-hash"; + ports = [ + "8338:80" + ]; + environment = { + + # this is not encouraged, but should work for the weekend (this is a + # flag, not a password, so even if it get's leaked, the worst that + # can happen is that people could enter it somewhere) + "FLAG" = builtins.readFile config.age.secrets.magic-hash-flag.path; + }; + }; + }; + }; +} -- cgit 1.4.1