2021-02-20 22:32:00 +00:00
|
|
|
{ pkgs, config, ...}:
|
|
|
|
|
|
|
|
{
|
|
|
|
containers.hasenloch = {
|
|
|
|
autoStart = true;
|
|
|
|
privateNetwork = true;
|
|
|
|
hostAddress = "192.168.100.5";
|
|
|
|
localAddress = "192.168.100.7";
|
|
|
|
|
|
|
|
config = { pkgs, config2, ...}: {
|
|
|
|
services.engelsystem = {
|
|
|
|
enable = true;
|
2021-03-24 18:19:33 +00:00
|
|
|
package = pkgs.engelsystem.overrideAttrs (oldAttrs: rec {
|
|
|
|
version = "3.1.1-r2r";
|
|
|
|
src = pkgs.fetchzip {
|
|
|
|
url = "https://schwe.by/files/engelsystem2.zip";
|
|
|
|
sha256 = "0kqididzlslzrcpx89pf57008lh040ghhhab83sz28zabsm9945q";
|
|
|
|
};
|
|
|
|
});
|
2021-02-20 22:32:00 +00:00
|
|
|
domain = "himmel.hacc.earth";
|
|
|
|
|
|
|
|
config = {
|
|
|
|
url = "https://himmel.hacc.earth";
|
|
|
|
trusted_proxies = [ "${config.containers.hasenloch.hostAddress}/31" ];
|
|
|
|
rewrite_urls = true;
|
|
|
|
|
|
|
|
app_name = "Hasenloch";
|
|
|
|
|
|
|
|
footer_items = {
|
|
|
|
FAQ = "TODO";
|
|
|
|
Contact = "TODO";
|
|
|
|
};
|
|
|
|
|
|
|
|
signup_requires_arrival = true;
|
2021-03-24 18:28:22 +00:00
|
|
|
enable_dect = true;
|
|
|
|
enable_pronoun = true;
|
|
|
|
enable_tshirt_size = false;
|
|
|
|
night_shifts.enabled = false;
|
|
|
|
autoarrive = true;
|
|
|
|
|
|
|
|
theme = 15;
|
2021-02-20 22:32:00 +00:00
|
|
|
|
|
|
|
database = {
|
|
|
|
database = "engelsystem";
|
|
|
|
host = "localhost";
|
|
|
|
username = "engelsystem";
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
email = {
|
|
|
|
driver = "smtp";
|
|
|
|
encryption = "tls";
|
|
|
|
from = {
|
|
|
|
address = "noreply@infra4future.de";
|
|
|
|
name = "divoc Hasenloch";
|
|
|
|
};
|
|
|
|
host = "mail.hacc.space";
|
|
|
|
password = {
|
|
|
|
_secret = "/var/keys/engelsystem/mail";
|
|
|
|
};
|
|
|
|
port = 587;
|
|
|
|
username = "noreply@infra4future.de";
|
|
|
|
};
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
networking.firewall.allowedTCPPorts = [ 80 ];
|
|
|
|
networking.firewall.enable = false;
|
|
|
|
services.coredns = {
|
|
|
|
enable = true;
|
|
|
|
config = ''
|
|
|
|
.:53 {
|
|
|
|
forward . 1.1.1.1
|
|
|
|
}
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
services.nginx.recommendedProxySettings = true;
|
|
|
|
services.nginx.virtualHosts."himmel.hacc.earth" = {
|
|
|
|
locations."/".proxyPass = "http://" + config.containers.hasenloch.localAddress;
|
|
|
|
forceSSL = true;
|
|
|
|
enableACME = true;
|
|
|
|
};
|
|
|
|
|
|
|
|
networking.nat.enable = true;
|
|
|
|
networking.nat.internalInterfaces = ["ve-hasenloch"];
|
|
|
|
networking.nat.externalInterface = "enp6s0";
|
|
|
|
|
|
|
|
}
|
|
|
|
|