diff options
| -rw-r--r-- | CONTRIBUTING.md | 10 | ||||
| -rw-r--r-- | hosts/by-name/server2/networking.nix | 13 | ||||
| -rw-r--r-- | modules/by-name/ng/nginx/module.nix | 18 |
3 files changed, 27 insertions, 14 deletions
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 330cbeb..70760ae 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -1,16 +1,25 @@ # Branches + Following branches are used: + ## develop + This contains all upcoming changes for the next pull request to `main`. All feature branches should merge into this branch. + ## feature branches + These branches are created on a per-feature basis and will be merged into `develop`. This merge happens without ci testing and prior review, but a pull request should be opened to trigger a notification. + ## main + Changes in this branch trigger an automatic rebuild on the server, so all merges should be peer-reviewed and tested. However, exceptions can be made for changes, which close security vulnerabilities. The only branch able to be merged into `main` is `develop`. # Development process + If adding a new feature you should follow this loose guide: + 1. Clone the repository 1. Allow the `.envrc`: `direnv allow` (see [development environment](#development-environment), if you don't know what this does) 1. Checkout your feature branch from develop: `git checkout -b <feature branch name> develop` @@ -19,6 +28,7 @@ If adding a new feature you should follow this loose guide: 1. Push your change and open a pull request to `develop`: `git push --set-upstream origin <feature branch name>` # Development environment + All required tools should be specified in the `devShells` output of the flake. This is because we use [Direnv](https://github.com/direnv/direnv) in combination with [Nix integration](https://github.com/direnv/direnv/wiki/Nix) — in this case [Nix-direnv](https://github.com/nix-community/nix-direnv) — to enforce reliable development environments (and some uncluttering of PATH). Setting it up is rather easy, just see [Nix-direnv's install instructions](https://github.com/nix-community/nix-direnv#installation). diff --git a/hosts/by-name/server2/networking.nix b/hosts/by-name/server2/networking.nix index cd0484f..117154e 100644 --- a/hosts/by-name/server2/networking.nix +++ b/hosts/by-name/server2/networking.nix @@ -1,4 +1,7 @@ -{lib, ...}: { +{lib, ...}: let + ipv4 = "185.16.61.132"; + ipv6 = "2a03:4000:a:106::1"; +in { # This file was populated at runtime with the networking # details gathered from the active system. networking = { @@ -6,7 +9,7 @@ "8.8.8.8" ]; defaultGateway = { - address = "89.58.56.1"; + address = ipv4; interface = "eth0"; }; defaultGateway6 = { @@ -19,19 +22,19 @@ eth0 = { ipv4.addresses = [ { - address = "89.58.58.33"; + address = ipv4; prefixLength = 22; } ]; ipv6.addresses = [ { - address = "2a03:4000:6a:3f3::1"; + address = ipv6; prefixLength = 64; } ]; ipv4.routes = [ { - address = "89.58.56.1"; + address = ipv4; prefixLength = 32; } ]; diff --git a/modules/by-name/ng/nginx/module.nix b/modules/by-name/ng/nginx/module.nix index 9c77652..30406fe 100644 --- a/modules/by-name/ng/nginx/module.nix +++ b/modules/by-name/ng/nginx/module.nix @@ -57,15 +57,15 @@ in { services.nginx = { enable = true; # The merge here is fine, as no domain should be specified twice - virtualHosts = - { - "gallery.s-schoeffel.de" = { - forceSSL = true; - enableACME = true; - root = "/srv/gallery.s-schoeffel.de"; - }; - } - // redirects; + #virtualHosts = + # { + # "gallery.s-schoeffel.de" = { + # forceSSL = true; + # enableACME = true; + # root = "/srv/gallery.s-schoeffel.de"; + # }; + # } + # // redirects; }; }; } |