remove test setup from lpt2

2025-09-18 18:50:41 +02:00 · 2025-09-18 18:50:41 +02:00 · 202baf61b6
commit 202baf61b6
parent 6b08d3d86c
3 changed files with 0 additions and 105 deletions
--- a/nixosConfigurations/vinzenz-lpt2/default.nix
+++ b/nixosConfigurations/vinzenz-lpt2/default.nix
@ -1,7 +1,6 @@
 {
  imports = [
    ./hardware.nix
    ./nginx.nix
  ];
  config = {
--- a/nixosConfigurations/vinzenz-lpt2/nginx.nix
+++ b/nixosConfigurations/vinzenz-lpt2/nginx.nix
@ -1,66 +0,0 @@
 { pkgs, ... }:
 let
  blog-domain-socket = "/run/nginx/blog.sock";
  anubis-domain-socket = "/run/anubis/anubis-blog.sock";
 in
 {
  users.groups = {
    anubis.members = [ "nginx" ];
    nginx.members = [ "anubis" ];
  };
  services = {
    nginx = {
      enable = true;
      recommendedProxySettings = true;
      recommendedTlsSettings = true;
      recommendedGzipSettings = true;
      recommendedOptimisation = true;
      virtualHosts = {
        #"vinzenz-lpt2" = {
        #  locations."/" = {
        #    proxyPass = "http://127.0.0.1:3000/";
        #    proxyWebsockets = true;
        #  };
        #
        #  serverAliases = [ "172.23.42.96" ];
        #};
        "vinzenz-lpt2" = {
          locations."/" = {
            proxyPass = "http://unix:" + anubis-domain-socket;
          };
        };
        "vinzenz-lpt2-in-anubis" = {
          root = pkgs.zerforschen-plus-content;
          listen = [
            {
              addr = "unix:" + blog-domain-socket;
            }
          ];
        };
      };
    };
    #networking.firewall = {
    #  allowedTCPPorts = [
    #    80
    #    8001
    #    3000
    #  ];
    #  allowedUDPPorts = [ 2342 ];
    #};
    anubis = {
      instances.main = {
        enable = true;
        settings = {
          BIND = anubis-domain-socket;
          TARGET = "unix://" + blog-domain-socket;
        };
      };
    };
  };
 }
--- a/nixosConfigurations/vinzenz-lpt2/zerforschen-plus.nix
+++ b/nixosConfigurations/vinzenz-lpt2/zerforschen-plus.nix
@ -1,38 +0,0 @@
 {
  pkgs,
  ...
 }:
 {
  security.acme = {
    acceptTerms = true;
    defaults.email = "acme@zerforschen.plus";
  };
  security.pam.services.nginx.setEnvironment = false;
  systemd.services.nginx.serviceConfig = {
    SupplementaryGroups = [ "shadow" ];
  };
  services.nginx = {
    enable = true;
    additionalModules = [ pkgs.nginxModules.pam ];
    recommendedProxySettings = true;
    recommendedTlsSettings = true;
    recommendedGzipSettings = true;
    recommendedOptimisation = true;
    virtualHosts = {
      "zerforschen.plus" = {
        #addSSL = true;
        #enableACME = true;
        root = pkgs.zerforschen-plus-content;
      };
    };
  };
  #networking.firewall.allowedTCPPorts = [
  #  80
  #  443
  #];
 }