Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/redbrick/nix-configs

NixOS configs for Redbrick deployment
https://github.com/redbrick/nix-configs

configuration deployment hacktoberfest nixos

Last synced: about 2 months ago
JSON representation

NixOS configs for Redbrick deployment

Awesome Lists containing this project

README 

        
# NixOS Configurations



Used to deploy redbrick 2.0



## Installation



```bash

cd /etc/nixos

tar -cjf ~/nixos_backup.tar.bz2 *

rm *

git clone $THIS_REPO .

ln -s hosts/$(hostname)/configuration.nix .

nixos-rebuild switch

```



## Deploying Apache/httpd



`users.nix` needs to be generated before deploying Apache. This is important to run after users have been created or moved. Use this command:



```bash

cd services/httpd

ldapsearch -b o=redbrick -h ldap.internal -xLLL objectClass=posixAccount uid homeDirectory gidNumber | python3 ldap2nix.py /storage/webtree/ > users.nix

```



A rebuild will need to happen for these new users to be picked up by apache.



```bash

cd /etc/nixos && nixos-rebuild switch

```



Then generate the preliminary certs for every domain so that httpd can start:

```bash

# List all acme-selfsigned-* services and put them in a txt file. Do this with `systemctl status acme-selfsigned-`

cat selfsigned-svcs.txt | xargs systemctl start

```



Now apache will start. Generate the real certs for each domain, one at a time as to not get rate limited



```bash

cd /var/lib/acme

for cert in *; do journalctl -fu acme-$cert.service & systemctl start acme-$cert.service && kill $!; done

systemctl reload httpd

```