NixOS configs for new Redbrick deployment
您最多选择25个主题 主题必须以字母或数字开头,可以包含连字符 (-),并且长度不得超过35个字符
Cian Butler 5a4ff8d355 Update '' 1年前
common Change TLD to 1年前
hosts Fix rainloop 1年前
packages/httpd-error-pages fix building error page 1年前
services trailing / are important and quote everything 1年前
.gitignore Add working phpfpm config for first few users 1年前
LICENSE Add license 1年前 Update '' 1年前

NixOS Configurations

Repo Migration

This repo has been moved to so as to avoid circular dependecies

Used to deploy redbrick 2.0


cd /etc/nixos
tar -cjf ~/nixos_backup.tar.bz2 *
rm *
git clone $THIS_REPO .
ln -s hosts/$(hostname)/configuration.nix .
nixos-rebuild switch

Deploying Apache/httpd

users.nix needs to be generated before deploying Apache. Use this command:

cd services/httpd
ldapsearch -b o=redbrick -h ldap.internal -xLLL objectClass=posixAccount uid homeDirectory gidNumber | python3 /storage/webtree/ > users.nix

Then generate the preliminary certs for every domain so that httpd can start:

# List all acme-selfsigned-* services and put them in a txt file. Do this with `systemctl status acme-selfsigned-<tab>`
cat selfsigned-svcs.txt | xargs systemctl start

Now apache will start. Generate the real certs for each domain, one at a time as to not get rate limited

cd /var/lib/acme
for cert in *; do journalctl -fu acme-$cert.service & systemctl start acme-$cert.service && kill $!; done
systemctl reload httpd