Tristan Daniël Maat
759a9c7c0c
letsencrypt will prod on port 80 to verify the domain. `listen` overrides `addSSL`, so none of the NixOS modules' setup will actually work. This means the conduit virtualhost never listened on port 80, and couldn't verify letsencrypt requests. How this *ever* worked is beyond me, but this commit resolves the problems (don't worry, `forceSSL` does what it says on the tin and overrides the `listen` again). |
||
---|---|---|
configuration | ||
keys | ||
lib | ||
modules | ||
pkgs | ||
.gitignore | ||
.sops.yaml | ||
flake.lock | ||
flake.nix | ||
LICENSE | ||
README.md |
tlater.net server configuration
This is the NixOS configuration for tlater.net.
Testing
Run a test VM with:
nix run
Running
Note: M-2 will bring up a console for poweroff and such
One caveat: create a larger disk image first. This can be done by running the following in the repository root:
qemu-img create -f qcow2 ./tlaternet.qcow2 20G
New services
Whenever a new service is added, add an appropriate port binding to
qemuNetOpts
in the default app.
There is no way to test this without binding to the host port, sadly.
Deploying
Deployment is handled using deploy-rs:
deploy .#tlaternet