{ self, lib, ... }:
let
# The ./html directory next to this file, imported into the Nix store as its
# own store path. Root and fileset are the same directory, so the resulting
# path contains exactly the files under ./html.
html = lib.fileset.toSource {
  root = ./html;
  fileset = ./html;
};
in
{
# Public domain of the site. In this file it is reused for the Caddy virtual
# host and its www alias, the contact e-mail address, and the web root
# /var/www/<domain>, so a change here moves all of them together.
flake.domain = "heimfeld.hamburg";
flake.machines.tharos = {
# NixOS configuration of the production host: Caddy serves the static site
# from /var/www/<domain> and the firewall admits HTTP and HTTPS.
nixos =
  { lib, ... }:
  let
    # Single definition of the web root, shared by the Caddy site block and
    # the tmpfiles rule so the two cannot drift apart.
    webRoot = "/var/www/${self.domain}";
  in
  {
    # Only the two web ports are opened here. Port 80 stays reachable because
    # Caddy uses it for HTTP->HTTPS redirects and the ACME HTTP challenge.
    networking.firewall.allowedTCPPorts = [ 80 443 ];

    services.caddy.enable = true;
    # Contact address handed to Caddy (used for its ACME account).
    services.caddy.email = "redaktion@${self.domain}";

    # NOTE(review): the site block sets no response headers (for example
    # Strict-Transport-Security or X-Content-Type-Options); confirm whether
    # that is intended for this site. The VM preview reuses this exact
    # extraConfig over plain HTTP, so anything added here applies there too.
    services.caddy.virtualHosts.${self.domain} = {
      serverAliases = [ "www.${self.domain}" ];
      extraConfig = ''
        file_server
        root * ${webRoot}
        encode gzip
      '';
    };

    systemd.tmpfiles.rules = [
      # Create the web-content directory right away, because the web server
      # does not start otherwise -- but only if it does not exist yet.
      # ("C" copies the source tree only when the destination is missing, so
      # content uploaded later is not overwritten on reboot.)
      "C ${webRoot} - - - - ${html}"
    ];
  };
# Extra configuration applied when the machine runs as a local VM: the site
# is additionally served over plain HTTP on localhost for previewing.
vm =
  {
    config,
    pkgs,
    lib,
    ...
  }:
  let
    httpPort = 800;
    # Site address of the preview virtual host inside the VM.
    previewHost = "http://localhost:${toString httpPort}";
  in
  {
    services.caddy = {
      # Issue certificates from Caddy's internal CA instead of a public ACME
      # CA. Presumably needed because the production virtual host is still
      # part of the VM configuration and cannot obtain a real certificate
      # there -- confirm. Keep this option out of the production module.
      globalConfig = ''
        local_certs
      '';
      # Reuse the production site block verbatim so the preview behaves like
      # the real site.
      virtualHosts.${previewHost}.extraConfig =
        config.services.caddy.virtualHosts.${self.domain}.extraConfig;
    };

    networking.firewall.allowedTCPPorts = [ httpPort ];

    # Suppress an irrelevant warning (presumably Caddy's complaint that the
    # NSS tools are missing when it sets up its local CA -- confirm).
    systemd.services.caddy.path = [ pkgs.nssTools ];

    # Append the preview URL to the login help text. The leading "\n" yields
    # an empty line for readability; the port shown is httpPort shifted by
    # config.virtualisation.portOffset (an option defined outside this file).
    services.getty.helpLine = lib.mkAfter "\n${self.domain}: http://localhost:${toString (config.virtualisation.portOffset + httpPort)}\n";
  };
};
perSystem =
{
pkgs,
system,
self',
...
}:
{
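# Upload the website content to the server.
#
# Review notes for operators:
# - `--checksum`: files coming out of the Nix store all carry the same fixed
#   modification time, and `-a` copies that time to the server. rsync's
#   default "same size and mtime" check would therefore skip an edited file
#   whose size did not change, silently leaving stale content online.
#   Comparing checksums avoids that.
# - `--rsync-path "sudo rsync"` runs the receiving rsync as root. The login
#   account behind deploy-target (defined outside this file) therefore needs
#   a sudo rule for rsync that works without a password prompt, which gives
#   that account write access to any file on the host. Treat its SSH key as
#   root-equivalent.
# - `--delete` removes everything under the web root that is not part of the
#   built site, including files placed there by hand.
# - NOTE(review): `--chown caddy:caddy` makes the server process the owner of
#   the content it serves; a static file server only needs read access.
#   Confirm that ownership by caddy is required.
packages.publish = pkgs.writeShellApplication {
  name = "publish";
  runtimeInputs = [ pkgs.rsync ];
  # Source and destination are quoted so that an unexpected character in the
  # interpolated values cannot be split into extra rsync arguments.
  text = ''
    rsync -avi --checksum --rsync-path "sudo rsync" --chown caddy:caddy --delete \
      "${self'.packages.html}/" \
      "${self.machines.tharos.deploy-target}:/var/www/${self.domain}/"
  '';
};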
# Local preview: the site content as a buildable package. The build only
# copies the imported ./html tree to its output; this package is what the
# publish script uploads and what the preview builds.
packages.html = pkgs.runCommand "source" { } ''
  cp -r ${html} $out
'';
# Local preview tool: nixpkgs' devmode, overridden so that it builds the
# html package of the current system (with -vv for verbose build output).
packages.preview = pkgs.devmode.override {
  buildArgs = ''
    -A packages.${system}.html -vv
  '';
};
};
}