46 lines
1,004 B
Nix
46 lines
1,004 B
Nix
{ ... }: {
|
|
users.groups.haproxy.gid = 99;
|
|
|
|
users.users.haproxy = {
|
|
uid = 99;
|
|
group = "haproxy";
|
|
};
|
|
|
|
sops.secrets = {
|
|
"dotspace/pki/lagarde.dev.pem" = {
|
|
mode = "0660";
|
|
owner = "haproxy";
|
|
group = "haproxy";
|
|
};
|
|
"dotspace/pki/mlaga97.space.pem" = {
|
|
mode = "0660";
|
|
owner = "haproxy";
|
|
group = "haproxy";
|
|
};
|
|
"dotspace/pki/bauble.boutique.pem" = {
|
|
mode = "0660";
|
|
owner = "haproxy";
|
|
group = "haproxy";
|
|
};
|
|
};
|
|
|
|
virtualisation.oci-containers.containers.haproxy = {
|
|
image = "haproxy:2.6-alpine";
|
|
ports = [
|
|
"68.183.54.8:80:80"
|
|
"68.183.54.8:443:443"
|
|
"[2604:a880:800:10::d60:9001]:80:80"
|
|
"[2604:a880:800:10::d60:9001]:443:443"
|
|
|
|
"10.86.84.1:80:5080"
|
|
"10.86.84.1:443:5443"
|
|
|
|
"8448:8448"
|
|
"9980:9980"
|
|
];
|
|
volumes = [
|
|
"/run/secrets/dotspace/pki:/certs"
|
|
"/home/lauren_lagarde/fortress/haproxy.cfg:/usr/local/etc/haproxy/haproxy.cfg" # TODO
|
|
];
|
|
};
|
|
}
|