forked from M-Labs/nix-scripts
nixbld: run Gitlab instance (WIP)
This commit is contained in:
parent
b967aa96d0
commit
4c597b135c
@ -49,7 +49,7 @@
|
||||
services.openssh.enable = true;
|
||||
|
||||
# Open ports in the firewall.
|
||||
networking.firewall.allowedTCPPorts = [ 631 3000 5801 5901 6001 ];
|
||||
networking.firewall.allowedTCPPorts = [ 631 3000 5801 5901 6001 80 ];
|
||||
networking.firewall.allowedUDPPorts = [ 631 ];
|
||||
# Or disable the firewall altogether.
|
||||
# networking.firewall.enable = false;
|
||||
@ -134,6 +134,23 @@ ACTION=="add", SUBSYSTEM=="tty", \
|
||||
|
||||
virtualisation.libvirtd.enable = true;
|
||||
|
||||
services.gitlab = {
|
||||
enable = true;
|
||||
databasePassword = pkgs.lib.fileContents /etc/nixos/secret/gitlab-db-password;
|
||||
secrets = import /etc/nixos/secret/gitlab.nix;
|
||||
initialRootPassword = pkgs.lib.fileContents /etc/nixos/secret/gitlab-default-root;
|
||||
};
|
||||
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
recommendedProxySettings = true;
|
||||
virtualHosts = {
|
||||
"nixbld.lab.m-labs.hk" = {
|
||||
locations."/".proxyPass = "http://unix:/run/gitlab/gitlab-workhorse.socket";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
# This value determines the NixOS release with which your system is to be
|
||||
# compatible, in order to avoid breaking some software such as database
|
||||
# servers. You should change this only after NixOS release notes say you
|
||||
|
Loading…
Reference in New Issue
Block a user