Create minimal cloud staging config for netcup VPS
This commit is contained in:
Eli Fadi
parent
8c1d4baeda
commit
3ceca975ae
1 changed files with 5 additions and 35 deletions
|
|
@ -4,23 +4,16 @@
|
|||
imports = [
|
||||
./hardware-configuration.nix
|
||||
../../modules/common.nix
|
||||
../../modules/sops.nix
|
||||
../../modules/nextcloud.nix
|
||||
../../modules/forgejo.nix
|
||||
];
|
||||
|
||||
networking.hostName = name;
|
||||
time.timeZone = "Europe/Stockholm";
|
||||
|
||||
# Staging: open ports for web
|
||||
networking.firewall.allowedTCPPorts = [ 80 443 22 ];
|
||||
boot.loader.grub.enable = true;
|
||||
boot.loader.grub.device = "/dev/vda";
|
||||
|
||||
# Put placeholders for domains now; you can change later
|
||||
services.flowback = {
|
||||
nextcloudHost = "cloud-staging.example.com";
|
||||
forgejoHost = "git-staging.example.com";
|
||||
};
|
||||
networking.firewall.allowedTCPPorts = [ 22 80 443 ];
|
||||
|
||||
# Minimal user (replace with your SSH key)
|
||||
users.users.elifa = {
|
||||
isNormalUser = true;
|
||||
extraGroups = [ "wheel" ];
|
||||
|
|
@ -30,29 +23,6 @@
|
|||
};
|
||||
|
||||
security.sudo.wheelNeedsPassword = false;
|
||||
# Local VM overrides (so you can test immediately without real DNS/TLS/secrets)
|
||||
virtualisation.vmVariant = { lib, config, ... }: {
|
||||
# Forward guest port 80 -> host port 8080
|
||||
virtualisation.forwardPorts = [
|
||||
{ from = "host"; host.port = 8080; guest.port = 80; }
|
||||
];
|
||||
|
||||
# Disable ACME/forced SSL for VM testing
|
||||
security.acme.acceptTerms = lib.mkForce false;
|
||||
services.nginx.virtualHosts.${config.services.flowback.nextcloudHost}.enableACME = lib.mkForce false;
|
||||
services.nginx.virtualHosts.${config.services.flowback.nextcloudHost}.forceSSL = lib.mkForce false;
|
||||
services.nginx.virtualHosts.${config.services.flowback.forgejoHost}.enableACME = lib.mkForce false;
|
||||
services.nginx.virtualHosts.${config.services.flowback.forgejoHost}.forceSSL = lib.mkForce false;
|
||||
|
||||
# Nextcloud over HTTP in VM
|
||||
services.nextcloud.https = lib.mkForce false;
|
||||
|
||||
# VM-only admin password file (OK for local testing)
|
||||
environment.etc."nextcloud-adminpass".text = "admin123admin123";
|
||||
services.nextcloud.config.adminpassFile = lib.mkForce "/etc/nextcloud-adminpass";
|
||||
|
||||
# Allow Forgejo user creation in VM (first user becomes admin during setup)
|
||||
services.forgejo.settings.service.DISABLE_REGISTRATION = lib.mkForce false;
|
||||
};
|
||||
system.stateVersion = "25.11";
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue