NixOS configs for new Redbrick deployment
Vous ne pouvez pas sélectionner plus de 25 sujets Les noms de sujets doivent commencer par une lettre ou un nombre, peuvent contenir des tirets ('-') et peuvent comporter jusqu'à 35 caractères.
 
 
 
 
 
 
Cian Butler 5a4ff8d355 Update 'README.md' il y a 1 an
common Change TLD to redbrick.dcu.ie il y a 1 an
hosts Fix rainloop il y a 1 an
packages/httpd-error-pages fix building error page il y a 1 an
services trailing / are important and quote everything il y a 1 an
.gitignore Add working phpfpm config for first few users il y a 1 an
LICENSE Add license il y a 1 an
README.md Update 'README.md' il y a 1 an

README.md

NixOS Configurations

Repo Migration

This repo has been moved to https://github.com/redbrick/nix-configs so as to avoid circular dependecies

Used to deploy redbrick 2.0

Installation

cd /etc/nixos
tar -cjf ~/nixos_backup.tar.bz2 *
rm *
git clone $THIS_REPO .
ln -s hosts/$(hostname)/configuration.nix .
nixos-rebuild switch

Deploying Apache/httpd

users.nix needs to be generated before deploying Apache. Use this command:

cd services/httpd
ldapsearch -b o=redbrick -h ldap.internal -xLLL objectClass=posixAccount uid homeDirectory gidNumber | python3 ldap2nix.py /storage/webtree/ > users.nix

Then generate the preliminary certs for every domain so that httpd can start:

# List all acme-selfsigned-* services and put them in a txt file. Do this with `systemctl status acme-selfsigned-<tab>`
cat selfsigned-svcs.txt | xargs systemctl start

Now apache will start. Generate the real certs for each domain, one at a time as to not get rate limited

cd /var/lib/acme
for cert in *; do journalctl -fu acme-$cert.service & systemctl start acme-$cert.service && kill $!; done
systemctl reload httpd