From 55ee036fd7ebed24097c8da1ca8a0b0829264670 Mon Sep 17 00:00:00 2001 From: Emile Date: Sat, 9 Mar 2024 22:56:01 +0100 Subject: big bang --- nix/hosts/corrino/www/netbox.emile.space.nix | 63 ++++++++++++++++++++++++++++ 1 file changed, 63 insertions(+) create mode 100644 nix/hosts/corrino/www/netbox.emile.space.nix (limited to 'nix/hosts/corrino/www/netbox.emile.space.nix') diff --git a/nix/hosts/corrino/www/netbox.emile.space.nix b/nix/hosts/corrino/www/netbox.emile.space.nix new file mode 100644 index 0000000..a86209c --- /dev/null +++ b/nix/hosts/corrino/www/netbox.emile.space.nix @@ -0,0 +1,63 @@ +{ config, pkgs, ... }: + +{ + services.nginx.virtualHosts."netbox.emile.space" = { + forceSSL = true; + enableACME = true; + kTLS = true; + + locations."/" = { + proxyPass = "http://[::1]:8001"; + proxyWebsockets = true; + }; + locations."/static/".root = "${config.services.netbox.dataDir}"; + }; + + users.users.nginx.extraGroups = [ "netbox" ]; + + environment.systemPackages = with pkgs; [ netbox ]; + + services.netbox = { + enable = true; + package = pkgs.netbox_3_6; # nixos 23.11 now has netbox 3.6 + dataDir = "/var/lib/netbox"; + settings.ALLOWED_HOSTS = [ "*" ]; + enableLdap = false; + settings = {}; + secretKeyFile = config.age.secrets.netbox_secret.path; + port = 8001; + listenAddress = "[::1]"; + }; + + age.secrets.netbox_secret = { + mode = "440"; + owner = "netbox"; + group = "netbox"; + }; + + #services.netbox = { + # enable = true; + # listenAddress = "[::1]"; + # secretKeyFile = config.age.secrets.netbox_secret.path; + # package = pkgs.netbox.override { python3 = pkgs.python310; }; + # # extraConfig = '' + # # # REMOTE_AUTH_BACKEND = 'social_core.backends.open_id_connect.OpenIdConnectAuth' + # # # SOCIAL_AUTH_OIDC_OIDC_ENDPOINT = 'https://auth.c3voc.de' + + # # EXEMPT_VIEW_PERMISSIONS = ['*'] + # # ''; + #}; + + # add nginx to the netbox group so it can read /var/lib/nginx/static + # users = { + # groups."netbox" = {}; + # users = { + # netbox = { + # isNormalUser = true; + # group = "netbox"; + # }; + # }; + # }; + # users.users.nginx.extraGroups = [ "netbox" ]; +} + -- cgit 1.4.1