DuN0z/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: DuN0z:da8f43f652744b8af436e0fe0f81bd3b90647189
Branches Tags
DuN0z:master
DuN0z:refactor
DuN0z:main
..
compare: DuN0z:1e5e3d1e5f96ff855f4d7ef6c8a1c95d1dcb2ec2
Branches Tags
DuN0z:master
DuN0z:refactor
DuN0z:main

No commits in common. "da8f43f652744b8af436e0fe0f81bd3b90647189" and "1e5e3d1e5f96ff855f4d7ef6c8a1c95d1dcb2ec2" have entirely different histories.
da8f43f652 ... 1e5e3d1e5f

2 changed files with 29 additions and 26 deletions
Download patch file Download diff file Expand all files Collapse all files

1
hosts/terre-neuvas/configuration.nix
View file

@ -46,6 +46,7 @@
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
neovim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. neovim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
git git
hugo
]; ];
networking = { networking = {
useNetworkd = true; useNetworkd = true;

54
modules/sites/levr.porzh.me.nix
View file

@ -1,33 +1,27 @@
{ pkgs, lib, ...}: { _: {
environment.systemPackages = with pkgs; [ # -----------------------------------------------------------------
hugo # 1⃣ Caddy (reverseproxy / serveur web statique)
]; # -----------------------------------------------------------------
systemd.services.hugo-build = {
description = "Auto build du blog hugo";
after = [ "network-online.target" ];
wants = [ "network-online.target" ];
serviceConfig = {
Type = "oneshot";
WorkingDirectory = "/srv/blog" ;
ExecStart = ''
${pkgs.git}/bin/git pull origin master
${pkgs.hugo}/bin/hugo --minify build -d /srv/blog/public
'';
User = "lomig";
};
environment = {
PATH = lib.mkForce "${pkgs.git}/bin:${pkgs.hugo}/bin:${pkgs.openssh}/bin";
};
};
systemd.timers.hugo-build = {
description = "Timer pour rebuild du blog";
wantedBy = [ "timers.target" ];
timerConfig.OnCalendar = "daily" ;
};
services.caddy = { services.caddy = {
enable = true; enable = true;
# Caddy démarre en tant quutilisateur «caddy».
# On lui donne accès au répertoire du blog via les ACL créées plus haut.
# (Pas besoin de config supplémentaire côté OS.)
# -----------------------------------------------------------------
# 2⃣ Sites gérés par Caddy (Caddyfile intégré)
# -----------------------------------------------------------------
virtualHosts = { virtualHosts = {
"levr.porzh.me" = { "levr.porzh.me" = {
# Le domaine sera automatiquement provisionné avec TLS via ACME
# (Let's Encrypt) grâce à loption `autoHTTPS = true` (défaut).
# Aucun certificat manuel nest requis.
# Le répertoire contenant les fichiers générés par Hugo
# (Optionnel) Rediriger HTTP → HTTPS Caddy le fait déjà,
# mais on le rend explicite pour la clarté.
extraConfig = '' extraConfig = ''
@http { @http {
protocol http protocol http
@ -43,4 +37,12 @@
}; };
}; };
}; };
# -----------------------------------------------------------------
# 3⃣ Ouverture du firewall (ports 80 et 443)
# -----------------------------------------------------------------
# networking.firewall.allowedTCPPorts = [
# 80 # HTTP (pour la redirection ACME)
# 443 # HTTPS (site final)
# ];
} }