Skip to content

Instantly share code, notes, and snippets.

@Kirens

Kirens/nginx.nix

Created December 1, 2021 14:33
Show Gist options
  • Save Kirens/13af0768b45cafebea42d4992d9584d0 to your computer and use it in GitHub Desktop.
Save Kirens/13af0768b45cafebea42d4992d9584d0 to your computer and use it in GitHub Desktop.
Download ZIP
Generate systemd service-files from nixos nginx configuration
Raw
nginx.nix
{ nixpkgs ? import <nixpkgs> { }
, pkgs ? nixpkgs.pkgs
, lib ? pkgs.lib
, nixos ? import <nixpkgs/nixos>
}:
let
config = (nixos {
configuration.security.acme.certs."example.com".email = "webmaster@example.com";
configuration.services.nginx = {
enable = true;
recommendedOptimisation = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
virtualHosts."example.com" = {
forceSSL = true;
enableACME = true;
locations."/".proxyPass = "http://127.0.0.1:8080";
};
};
}).config;
certs = lib.attrNames config.security.acme.certs;
serviceNames = [
"acme-fixperms.service"
"acme-selfsigned-ca.service"
"nginx.service"
"nginx-config-reload.service"
] ++ (lib.concatMap (cert: [
"acme-${cert}.service"
"acme-${cert}.timer"
"acme-finished-${cert}.target"
"acme-selfsigned-${cert}.service"
]) certs);
filteredServices = lib.filterAttrs (n: _: lib.elem n serviceNames) config.systemd.units;
systemdLib = import <nixos/modules/system/boot/systemd-lib.nix> { inherit config lib pkgs; };
services = systemdLib.generateUnits "nginx" pureServices [] [];
in pkgs.runCommand "nginx-system" { preferLocalBuild = true; } ''
set -e
mkdir -p $out
ln -s ${services} $out/system
'' // { inherit config; }
Raw
reload.sh
#! /usr/bin/env bash
set -e
nix build -f nginx.nix
sudo cp -Prv result/system/ /etc/systemd/
sudo systemctl daemon-reload
sudo systemctl reload nginx.service
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment