40 lines
826 B
Nix
40 lines
826 B
Nix
{ ... }: {
|
|
users.groups.haproxy.gid = 99;
|
|
|
|
users.users.haproxy = {
|
|
uid = 99;
|
|
group = "haproxy";
|
|
};
|
|
|
|
sops.secrets = {
|
|
"dotspace/pki/lagarde.dev.pem" = {
|
|
mode = "0660";
|
|
owner = "haproxy";
|
|
group = "haproxy";
|
|
};
|
|
"dotspace/pki/mlaga97.space.pem" = {
|
|
mode = "0660";
|
|
owner = "haproxy";
|
|
group = "haproxy";
|
|
};
|
|
"dotspace/pki/bauble.boutique.pem" = {
|
|
mode = "0660";
|
|
owner = "haproxy";
|
|
group = "haproxy";
|
|
};
|
|
};
|
|
|
|
virtualisation.oci-containers.containers.haproxy = {
|
|
image = "haproxy:2.6-alpine";
|
|
ports = [
|
|
"80:80"
|
|
"443:443"
|
|
"8448:8448"
|
|
"9980:9980"
|
|
];
|
|
volumes = [
|
|
"/run/secrets/dotspace/pki:/certs"
|
|
"/home/lauren_lagarde/haproxy.cfg:/usr/local/etc/haproxy/haproxy.cfg" # TODO
|
|
];
|
|
};
|
|
}
|