Aktionen
Aufgabe #856
offenLXC mit NixOS auf PVE 7
Beginn:
10.10.2021
Abgabedatum:
% erledigt:
40%
Geschätzter Aufwand:
Aktionen
Von PaulRiegel vor etwa 4 Jahren hinzugefügt. Vor etwa 3 Jahren aktualisiert.
40%
nano /etc/nixos/configuration.nix
{ config, pkgs, ... }:
{
imports = [ <nixpkgs/nixos/modules/virtualisation/lxc-container.nix> ];
systemd.suppressedSystemUnits = [
"sys-kernel-debug.mount"
];
services.openssh.enable = false;
# systemd.enableUnifiedCgroupHierarchy = true;
networking.useDHCP = false;
networking.enableIPv6 = false;
networking.interfaces.eth0.ipv4.addresses = [ {
address = "141.56.51.321";
prefixLength = 24;
} ];
networking.defaultGateway = "141.56.51.254";
networking.nameservers = [
"141.56.1.1"
"141.56.1.2"
];
# services.nginx.enable = true;
services.httpd = {
enable = true;
adminAddr = "apache@stura.htw-dresden.de";
};
networking.firewall.allowedTCPPorts = [ 80 ];
# networking.firewall.enable = false;
}
nano /etc/nixos/configuration.nix
{ config, pkgs, ... }:
{
imports = [ <nixpkgs/nixos/modules/virtualisation/lxc-container.nix> ];
systemd.suppressedSystemUnits = [
"sys-kernel-debug.mount"
];
services.openssh.enable = false;
# systemd.enableUnifiedCgroupHierarchy = true;
networking.useDHCP = false;
networking.enableIPv6 = false;
networking.interfaces.eth0.ipv4.addresses = [ {
address = "141.56.51.321";
prefixLength = 24;
} ];
networking.defaultGateway = "141.56.51.254";
networking.nameservers = [
"141.56.1.1"
"141.56.1.2"
];
services.nginx.enable = true;
services.nginx.virtualHosts."test.nix.stura-dresden.de" = {
addSSL = true;
enableACME = true;
# root = "/var/www/test.nix.stura-dresden.de";
};
networking.firewall.allowedTCPPorts = [ 80 443 ];
# networking.firewall.enable = false;
security.acme.email = "cert@stura.htw-dresden.de";
security.acme.acceptTerms = true;
}
systemd.suppressedSystemUnits = [
# "dev-mqueue.mount"
"sys-kernel-debug.mount"
# "sys-fs-fuse-connections.mount"
];