Piotr Dobrowolski | a01905a | 2021-10-16 18:22:46 +0200 | [diff] [blame] | 1 | { pkgs, workspace, ... }: |
| 2 | |
| 3 | let |
| 4 | name = "laserproxy"; |
| 5 | user = name; |
| 6 | group = name; |
| 7 | in { |
| 8 | users.users."${user}" = { |
| 9 | group = "${group}"; |
Piotr Dobrowolski | b6bc3e6 | 2021-10-16 21:56:59 +0200 | [diff] [blame] | 10 | isSystemUser = true; |
| 11 | uid = 1004; |
Piotr Dobrowolski | a01905a | 2021-10-16 18:22:46 +0200 | [diff] [blame] | 12 | }; |
| 13 | users.groups."${group}" = {}; |
| 14 | |
| 15 | systemd.services."${name}" = { |
| 16 | description = "Logging packet log from nftables"; |
| 17 | wantedBy = [ "multi-user.target" ]; |
vuko | e8a5d8f | 2022-06-26 19:09:43 +0200 | [diff] [blame] | 18 | after = ["network-addresses-laser.service"]; |
Piotr Dobrowolski | a01905a | 2021-10-16 18:22:46 +0200 | [diff] [blame] | 19 | |
| 20 | serviceConfig.User = "${user}"; |
| 21 | serviceConfig.Type = "simple"; |
vuko | e8a5d8f | 2022-06-26 19:09:43 +0200 | [diff] [blame] | 22 | serviceConfig.Restart = "always"; |
| 23 | serviceConfig.RestartSec = "30"; |
Piotr Dobrowolski | a01905a | 2021-10-16 18:22:46 +0200 | [diff] [blame] | 24 | serviceConfig.ExecStart = "${workspace.hswaw.laserproxy}/bin/laserproxy -logtostderr -hspki_disable -web_address 127.0.0.1:2137"; |
| 25 | }; |
| 26 | |
| 27 | services.nginx.virtualHosts."laser.waw.hackerspace.pl" = { |
| 28 | listen = [ |
| 29 | { addr = "10.8.1.2"; port=80; ssl=false; } |
| 30 | #{ addr = "10.8.1.2"; port=433; ssl=true; } |
| 31 | ]; |
| 32 | locations."/" = { |
| 33 | proxyPass = "http://127.0.0.1:2137/"; |
| 34 | extraConfig = '' |
| 35 | proxy_set_header Host $host; |
| 36 | proxy_set_header X-Real-IP $remote_addr; |
| 37 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; |
| 38 | proxy_set_header X-Forwarded-Host $host:$server_port; |
| 39 | proxy_set_header X-Forwarded-Server $host; |
| 40 | proxy_set_header X-Forwarded-Proto $scheme; |
| 41 | |
| 42 | allow 10.0.0.0/8; |
| 43 | deny all; |
| 44 | ''; |
| 45 | }; |
| 46 | }; |
| 47 | |
| 48 | } |