Compare commits
3 commits
1e5e3d1e5f
...
da8f43f652
| Author | SHA1 | Date | |
|---|---|---|---|
| da8f43f652 | |||
| 72154f92b7 | |||
| 72c60bd5e0 |
2 changed files with 26 additions and 29 deletions
|
|
@ -46,7 +46,6 @@
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
neovim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
|
neovim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
|
||||||
git
|
git
|
||||||
hugo
|
|
||||||
];
|
];
|
||||||
networking = {
|
networking = {
|
||||||
useNetworkd = true;
|
useNetworkd = true;
|
||||||
|
|
|
||||||
|
|
@ -1,27 +1,33 @@
|
||||||
_: {
|
{ pkgs, lib, ...}: {
|
||||||
# -----------------------------------------------------------------
|
environment.systemPackages = with pkgs; [
|
||||||
# 1️⃣ Caddy (reverse‑proxy / serveur web statique)
|
hugo
|
||||||
# -----------------------------------------------------------------
|
];
|
||||||
|
systemd.services.hugo-build = {
|
||||||
|
description = "Auto build du blog hugo";
|
||||||
|
after = [ "network-online.target" ];
|
||||||
|
wants = [ "network-online.target" ];
|
||||||
|
serviceConfig = {
|
||||||
|
Type = "oneshot";
|
||||||
|
WorkingDirectory = "/srv/blog" ;
|
||||||
|
ExecStart = ''
|
||||||
|
${pkgs.git}/bin/git pull origin master
|
||||||
|
${pkgs.hugo}/bin/hugo --minify build -d /srv/blog/public
|
||||||
|
'';
|
||||||
|
User = "lomig";
|
||||||
|
};
|
||||||
|
environment = {
|
||||||
|
PATH = lib.mkForce "${pkgs.git}/bin:${pkgs.hugo}/bin:${pkgs.openssh}/bin";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
systemd.timers.hugo-build = {
|
||||||
|
description = "Timer pour rebuild du blog";
|
||||||
|
wantedBy = [ "timers.target" ];
|
||||||
|
timerConfig.OnCalendar = "daily" ;
|
||||||
|
};
|
||||||
services.caddy = {
|
services.caddy = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
||||||
# Caddy démarre en tant qu’utilisateur « caddy ».
|
|
||||||
# On lui donne accès au répertoire du blog via les ACL créées plus haut.
|
|
||||||
# (Pas besoin de config supplémentaire côté OS.)
|
|
||||||
|
|
||||||
# -----------------------------------------------------------------
|
|
||||||
# 2️⃣ Sites gérés par Caddy (Caddyfile intégré)
|
|
||||||
# -----------------------------------------------------------------
|
|
||||||
virtualHosts = {
|
virtualHosts = {
|
||||||
"levr.porzh.me" = {
|
"levr.porzh.me" = {
|
||||||
# Le domaine sera automatiquement provisionné avec TLS via ACME
|
|
||||||
# (Let's Encrypt) grâce à l’option `autoHTTPS = true` (défaut).
|
|
||||||
# Aucun certificat manuel n’est requis.
|
|
||||||
|
|
||||||
# Le répertoire contenant les fichiers générés par Hugo
|
|
||||||
|
|
||||||
# (Optionnel) Rediriger HTTP → HTTPS – Caddy le fait déjà,
|
|
||||||
# mais on le rend explicite pour la clarté.
|
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
@http {
|
@http {
|
||||||
protocol http
|
protocol http
|
||||||
|
|
@ -37,12 +43,4 @@ _: {
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
# -----------------------------------------------------------------
|
|
||||||
# 3️⃣ Ouverture du firewall (ports 80 et 443)
|
|
||||||
# -----------------------------------------------------------------
|
|
||||||
# networking.firewall.allowedTCPPorts = [
|
|
||||||
# 80 # HTTP (pour la redirection ACME)
|
|
||||||
# 443 # HTTPS (site final)
|
|
||||||
# ];
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue