diff --git a/configuration/default.nix b/configuration/default.nix
index a12aceb..42e43ec 100644
--- a/configuration/default.nix
+++ b/configuration/default.nix
@@ -3,6 +3,7 @@
{
imports = [
./services/gitea.nix
+ ./services/hydra.nix
./services/minecraft.nix
./services/nextcloud.nix
./services/webserver.nix
@@ -68,6 +69,7 @@
"${domain}" = host 3002 { serverAliases = [ "www.${domain}" ]; };
"gitea.${domain}" = host 3000 { };
"nextcloud.${domain}" = host 3001 { };
+ "hydra.${domain}" = host config.services.hydra.port { };
};
};
diff --git a/configuration/services/hydra.nix b/configuration/services/hydra.nix
new file mode 100644
index 0000000..2321407
--- /dev/null
+++ b/configuration/services/hydra.nix
@@ -0,0 +1,16 @@
+{ ... }:
+
+{
+ services.hydra = {
+ enable = true;
+ port = 3003;
+
+ hydraURL = "hydra.tlater.net";
+ notificationSender = "hydra@tlater.net";
+ extraConfig = ''
+ <gitea_authorization>
+
+ </gitea_authorization>
+ '';
+ };
+}
diff --git a/flake.nix b/flake.nix
index 78a3cfb..bf1c240 100644
--- a/flake.nix
+++ b/flake.nix
@@ -68,7 +68,7 @@
(import ./modules)
(import ./configuration)
- ({ lib, ... }: {
+ ({ config, lib, ... }: {
users.users.tlater.password = "insecure";
# Disable graphical tty so -curses works
@@ -78,6 +78,18 @@
# can easily test locally with the VM.
services.nginx.domain = lib.mkOverride 99 "localhost";
+ # Hydra uses X-Forwarded-Port to figure out how to
+ # include links to static files, but because we redirect
+ # 443 -> 3443 in the vm we need to explicitly set this
+ # (nginx can't see qemu's port redirection).
+ services.nginx.virtualHosts =
+ let domain = config.services.nginx.domain;
+ in {
+ "hydra.${domain}".locations."/".extraConfig = ''
+ proxy_set_header X-Forwarded-Port 3443;
+ '';
+ };
+
# # Set up VM settings to match real VPS
# virtualisation.memorySize = 3941;
# virtualisation.cores = 2;