blob: 05446ea8716f2fc4b0e874a5f8532d7cc4ff8244 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
|
{ config, ... }:
{
services.nginx.virtualHosts."magic-hash.emile.space" = {
forceSSL = true;
enableACME = true;
locations = {
"/" = {
proxyPass = "http://127.0.0.1:8339";
};
};
};
virtualisation.oci-containers = {
backend = "docker";
containers = {
"ctfd" = {
image = "magic-hash";
ports = [
"8338:80"
];
environment = {
# this is not encouraged, but should work for the weekend (this is a
# flag, not a password, so even if it get's leaked, the worst that
# can happen is that people could enter it somewhere)
"FLAG" = builtins.readFile config.age.secrets.magic-hash-flag.path;
};
};
};
};
}
|
