27 lines
664 B
Nix
27 lines
664 B
Nix
{ config, pkgs, ... }:
|
|
|
|
{
|
|
sops.secrets.netbox-secret-key = {
|
|
sopsFile = ../secrets.yaml;
|
|
owner = "netbox";
|
|
};
|
|
|
|
services.netbox = {
|
|
enable = true;
|
|
package = pkgs.netbox;
|
|
secretKeyFile = config.sops.secrets.netbox-secret-key.path;
|
|
};
|
|
|
|
services.nginx.virtualHosts."netbox.sbruder.de" = {
|
|
enableACME = true;
|
|
forceSSL = true;
|
|
locations = {
|
|
"/".proxyPass = with config.services.netbox; "http://${listenAddress}:${toString port}";
|
|
"/static/".alias = "${config.services.netbox.dataDir}/static/";
|
|
};
|
|
};
|
|
|
|
# allow nginx access to static
|
|
users.groups."${config.users.users.netbox.name}".members = [ "nginx" ];
|
|
}
|