nixin-web/inventory/demo-configuration.nix

{ pkgs, ... }:

{
  networking.hosts = {
    "127.0.0.1" = [ "hedgedoc.nixin.local" ];
  };

  networking.hostName = "demo";
  networking.firewall = {
    allowedTCPPorts = [
      80
      443
    ];
  };

  services.hedgedoc = {
    enable = true;
    settings.domain = "hedgedoc.nixin.local";
    settings.port = 8001;
    settings.host = "0.0.0.0";
    settings.protocolUseSSL = false;
    settings.allowOrigin = [
      "localhost"
      "hedgedoc.nixin.local"
    ];
  };

  users.users.operator = {
    isNormalUser = true;
    extraGroups = [ "wheel" ];
    initialPassword = "test";
  };

  security.acme.defaults.email = "contact@nixin.local";
  security.acme.acceptTerms = true;

  services.nginx = {
    enable = true;

    # Use recommended settings
    recommendedGzipSettings = true;
    recommendedOptimisation = true;
    recommendedProxySettings = true;
    recommendedTlsSettings = true;

    # Only allow PFS-enabled ciphers with AES256
    sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL";

    virtualHosts."hedgedoc.nixin.local" = {
      forceSSL = true;
      enableACME = true;
      root = "/var/www/hedgedoc";
      locations."/".proxyPass = "http://127.0.0.1:8001";
      locations."/socket.io/" = {
        proxyPass = "http://127.0.0.1:8001";
        proxyWebsockets = true;
        extraConfig = "proxy_ssl_server_name on;";
      };
    };
  };

  environment.systemPackages = with pkgs; [
    git
    wget
    tmux
    mosh
    htop
  ];

  system.stateVersion = "24.05";
}
feat(configuration): harmonize demo and vue component for configuration 2024-10-11 10:51:41 +00:00			`{ pkgs, ... }:`
Add nginx proxy in demo configuration 2024-10-03 09:15:01 +00:00
feat: build instructions and example 2024-09-28 17:11:22 +00:00			`{`
wip demo conf 2024-09-30 08:49:45 +00:00			`networking.hosts = {`
new wip demo conf 2024-09-30 09:18:45 +00:00			`"127.0.0.1" = [ "hedgedoc.nixin.local" ];`
wip demo conf 2024-09-30 08:49:45 +00:00			`};`
Add nginx proxy in demo configuration 2024-10-03 09:15:01 +00:00
new wip demo conf 2024-09-30 09:18:45 +00:00			`networking.hostName = "demo";`
wip demo conf 2024-09-30 08:49:45 +00:00			`networking.firewall = {`
feat(configuration): harmonize demo and vue component for configuration 2024-10-11 10:51:41 +00:00			`allowedTCPPorts = [`
			`80`
			`443`
			`];`
wip demo conf 2024-09-30 08:49:45 +00:00			`};`
Add nginx proxy in demo configuration 2024-10-03 09:15:01 +00:00
wip demo conf 2024-09-30 08:49:45 +00:00			`services.hedgedoc = {`
			`enable = true;`
			`settings.domain = "hedgedoc.nixin.local";`
feat(configuration): harmonize demo and vue component for configuration 2024-10-11 10:51:41 +00:00			`settings.port = 8001;`
			`settings.host = "0.0.0.0";`
new wip demo conf 2024-09-30 09:18:45 +00:00			`settings.protocolUseSSL = false;`
wip demo conf 2024-09-30 08:49:45 +00:00			`settings.allowOrigin = [`
feat(configuration): harmonize demo and vue component for configuration 2024-10-11 10:51:41 +00:00			`"localhost"`
			`"hedgedoc.nixin.local"`
wip demo conf 2024-09-30 08:49:45 +00:00			`];`
			`};`
Add nginx proxy in demo configuration 2024-10-03 09:15:01 +00:00
wip demo conf 2024-09-30 08:49:45 +00:00			`users.users.operator = {`
feat: build instructions and example 2024-09-28 17:11:22 +00:00			`isNormalUser = true;`
			`extraGroups = [ "wheel" ];`
			`initialPassword = "test";`
			`};`

Add nginx proxy in demo configuration 2024-10-03 09:15:01 +00:00			`security.acme.defaults.email = "contact@nixin.local";`
			`security.acme.acceptTerms = true;`

			`services.nginx = {`
			`enable = true;`

			`# Use recommended settings`
			`recommendedGzipSettings = true;`
			`recommendedOptimisation = true;`
			`recommendedProxySettings = true;`
			`recommendedTlsSettings = true;`

			`# Only allow PFS-enabled ciphers with AES256`
			`sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL";`

			`virtualHosts."hedgedoc.nixin.local" = {`
feat(configuration): harmonize demo and vue component for configuration 2024-10-11 10:51:41 +00:00			`forceSSL = true;`
			`enableACME = true;`
			`root = "/var/www/hedgedoc";`
			`locations."/".proxyPass = "http://127.0.0.1:8001";`
			`locations."/socket.io/" = {`
			`proxyPass = "http://127.0.0.1:8001";`
			`proxyWebsockets = true;`
			`extraConfig = "proxy_ssl_server_name on;";`
			`};`
Add nginx proxy in demo configuration 2024-10-03 09:15:01 +00:00			`};`
			`};`

			`environment.systemPackages = with pkgs; [`
			`git`
			`wget`
			`tmux`
			`mosh`
			`htop`
			`];`

feat: build instructions and example 2024-09-28 17:11:22 +00:00			`system.stateVersion = "24.05";`
			`}`