Working NixOS Container (systemd-nspawn) w/ Nginx
Using https://nixos.wiki/wiki/NixOS_Containers and https://nixos.wiki/wiki/Nginx I can now get to the default Nginx web page from another host on my network.
parent
710a5c5c16
commit
48f74e7c6a
2 changed files with 34 additions and 17 deletions
|
|
@ -112,7 +112,7 @@
|
||||||
};
|
};
|
||||||
modules = [
|
modules = [
|
||||||
disko.nixosModules.disko
|
disko.nixosModules.disko
|
||||||
microvm.nixosModules.host
|
#microvm.nixosModules.host
|
||||||
|
|
||||||
home-manager.nixosModules.home-manager {
|
home-manager.nixosModules.home-manager {
|
||||||
home-manager = {
|
home-manager = {
|
||||||
|
|
|
||||||
|
|
@ -2,7 +2,6 @@
|
||||||
imports = [
|
imports = [
|
||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
./audiobookshelf.nix
|
./audiobookshelf.nix
|
||||||
#microvm.nixosModules.host
|
|
||||||
#../microvms/nginx-proxy
|
#../microvms/nginx-proxy
|
||||||
];
|
];
|
||||||
|
|
||||||
|
|
@ -21,6 +20,36 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
containers.nginx-proxy = {
|
||||||
|
autoStart = true;
|
||||||
|
privateNetwork = true;
|
||||||
|
hostBridge = "br1-23";
|
||||||
|
localAddress = "192.168.23.21/24";
|
||||||
|
config = { config, pkgs, lib, ... }: {
|
||||||
|
system.stateVersion = "23.11";
|
||||||
|
services.nginx = {
|
||||||
|
enable = true;
|
||||||
|
virtualHosts.default.listen = [{
|
||||||
|
port = 80;
|
||||||
|
addr = "0.0.0.0";
|
||||||
|
}];
|
||||||
|
};
|
||||||
|
|
||||||
|
networking = {
|
||||||
|
firewall = {
|
||||||
|
enable = true;
|
||||||
|
allowedTCPPorts = [ 80 ];
|
||||||
|
};
|
||||||
|
defaultGateway = "192.168.23.1";
|
||||||
|
# Use systemd-resolved inside the container
|
||||||
|
# Workaround for bug https://github.com/NixOS/nixpkgs/issues/162686
|
||||||
|
useHostResolvConf = lib.mkForce false;
|
||||||
|
};
|
||||||
|
|
||||||
|
services.resolved.enable = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
intel-gpu-tools
|
intel-gpu-tools
|
||||||
jellyfin
|
jellyfin
|
||||||
|
|
@ -42,10 +71,6 @@
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
#microvm.autostart = [
|
|
||||||
#"nginx-proxy"
|
|
||||||
#];
|
|
||||||
|
|
||||||
networking = {
|
networking = {
|
||||||
# Open ports in the firewall.
|
# Open ports in the firewall.
|
||||||
firewall.allowedTCPPorts = [ 22 80 ];
|
firewall.allowedTCPPorts = [ 22 80 ];
|
||||||
|
|
@ -55,6 +80,7 @@
|
||||||
|
|
||||||
hostId = "c5826b45"; # head -c4 /dev/urandom | od -A none -t x4
|
hostId = "c5826b45"; # head -c4 /dev/urandom | od -A none -t x4
|
||||||
|
|
||||||
|
useDHCP = false;
|
||||||
networkmanager.enable = true;
|
networkmanager.enable = true;
|
||||||
vlans = {
|
vlans = {
|
||||||
vlan23 = { id = 23; interface = "eno1"; };
|
vlan23 = { id = 23; interface = "eno1"; };
|
||||||
|
|
@ -62,19 +88,10 @@
|
||||||
bridges = {
|
bridges = {
|
||||||
br1-23 = { interfaces = [ "vlan23" ]; };
|
br1-23 = { interfaces = [ "vlan23" ]; };
|
||||||
};
|
};
|
||||||
useDHCP = false;
|
|
||||||
interfaces = {
|
interfaces = {
|
||||||
eno1.ipv4.addresses = [{
|
eno1.useDHCP = true;
|
||||||
address = "192.168.20.190";
|
br1-23.useDHCP = false;
|
||||||
prefixLength = 24;
|
|
||||||
}];
|
|
||||||
#br1-23.ipv4.addresses = [{
|
|
||||||
#address = "192.168.23.21";
|
|
||||||
#prefixLength = 24;
|
|
||||||
#}];
|
|
||||||
};
|
};
|
||||||
defaultGateway = "192.168.20.1";
|
|
||||||
nameservers = [ "192.168.20.1" ];
|
|
||||||
};
|
};
|
||||||
|
|
||||||
# Hardware Transcoding for Jellyfin
|
# Hardware Transcoding for Jellyfin
|
||||||
|
|
|
||||||
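Review bot: The new `containers.nginx-proxy` block puts a network-facing Nginx in a systemd-nspawn container, where the commented-out `microvm` lines suggest a microVM was the earlier plan, and nothing in the block records that this is a weaker boundary. The container shares the host kernel, and the NixOS manual warns that root inside a declarative container is not fully isolated from the host. I would add a comment above the block such as `# nspawn container: shares the host kernel; treat root in here as root on the host`. Separately, the host-level `firewall.allowedTCPPorts = [ 22 80 ];` is unchanged context; if nothing on the host itself serves port 80 now that the proxy has its own address on `br1-23`, dropping `80` there would narrow the host's exposure. That last point is inferred, since the host's other services are not visible in these hunks.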