blob: b09516297f928f8e9dc5de04bf2fdd155cebbbdf (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
|
# Run sourcegraph, including its entire machinery, in a container.
# Running it outside of a container is a futile endeavour for now.
# adapted from https://cs.tvl.fyi/depot/-/blob/ops/modules/sourcegraph.nix
{ config, ... }:
let
ports = import ../ports.nix;
in {
services.nginx.virtualHosts."cs.emile.space" = {
forceSSL = true;
enableACME = true;
locations = {
"/" = {
proxyPass = "http://127.0.0.1:${toString ports.cs}";
extraConfig = ''
location = / {
return 301 https://cs.emile.space/hefe;
}
location / {
proxy_set_header X-Sg-Auth "Anonymous";
proxy_pass http://localhost:7080;
}
location /users/Anonymous/settings {
return 301 https://cs.emile.space;
}
'';
};
};
};
virtualisation.oci-containers.backend = "docker";
virtualisation.oci-containers.containers.sourcegraph = {
image = "sourcegraph/server:5.1.1";
ports = [
"127.0.0.1:${toString ports.cs}:7080"
];
volumes = [
"/var/lib/sourcegraph/etc:/etc/sourcegraph"
"/var/lib/sourcegraph/data:/var/opt/sourcegraph"
];
# Sourcegraph needs a higher nofile limit, it logs warnings
# otherwise (unclear whether it actually affects the service).
extraOptions = [
"--ulimit"
"nofile=10000:10000"
];
};
}
|
