NixOS configs for new Redbrick deployment
Você não pode selecionar mais de 25 tópicos Os tópicos devem começar com uma letra ou um número, podem incluir traços ('-') e podem ter até 35 caracteres.
 
 
 
 
 
 
Cian Butler 5a4ff8d355 Update 'README.md' 1 ano atrás
common Change TLD to redbrick.dcu.ie 1 ano atrás
hosts Fix rainloop 1 ano atrás
packages/httpd-error-pages fix building error page 1 ano atrás
services trailing / are important and quote everything 1 ano atrás
.gitignore Add working phpfpm config for first few users 1 ano atrás
LICENSE Add license 1 ano atrás
README.md Update 'README.md' 1 ano atrás

README.md

NixOS Configurations

Repo Migration

This repo has been moved to https://github.com/redbrick/nix-configs so as to avoid circular dependecies

Used to deploy redbrick 2.0

Installation

cd /etc/nixos
tar -cjf ~/nixos_backup.tar.bz2 *
rm *
git clone $THIS_REPO .
ln -s hosts/$(hostname)/configuration.nix .
nixos-rebuild switch

Deploying Apache/httpd

users.nix needs to be generated before deploying Apache. Use this command:

cd services/httpd
ldapsearch -b o=redbrick -h ldap.internal -xLLL objectClass=posixAccount uid homeDirectory gidNumber | python3 ldap2nix.py /storage/webtree/ > users.nix

Then generate the preliminary certs for every domain so that httpd can start:

# List all acme-selfsigned-* services and put them in a txt file. Do this with `systemctl status acme-selfsigned-<tab>`
cat selfsigned-svcs.txt | xargs systemctl start

Now apache will start. Generate the real certs for each domain, one at a time as to not get rate limited

cd /var/lib/acme
for cert in *; do journalctl -fu acme-$cert.service & systemctl start acme-$cert.service && kill $!; done
systemctl reload httpd