Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
hydra server
{ config, pkgs, ... }:
let
hydra = pkgs.fetchgit { url = https://github.com/NixOS/hydra; rev = "refs/heads/master"; };
in {
...
require = [ "${hydra}/hydra-module.nix" ];
...
services = {
postfix = {
enable = true;
setSendmail = true;
};
openssh = {
enable = true;
permitRootLogin = "no";
passwordAuthentication = false;
};
locate.enable = true;
hydra = {
enable = true;
dbi = "dbi:Pg:dbname=hydra;host=localhost;user=hydra;";
package = (import "${hydra}/release.nix" {}).build.x86_64-linux;
hydraURL = "http://hydra.scriptores.com/";
listenHost = "localhost";
port = 3000;
minimumDiskFree = 5;
minimumDiskFreeEvaluator = 2;
notificationSender = "hydra@jaeger.matejc";
tracker = "<div>matejc's Hydra reborn</div>";
logo = null;
debugServer = false;
};
# Hydra requires postgresql to run
postgresql.enable = true;
postgresql.package = pkgs.postgresql;
nginx.enable = true;
nginx.config = pkgs.lib.readFile /root/nginx.conf;
};
...
}
server {
listen 0.0.0.0:443 ssl;
server_name hydra-ssl.scriptores.com;
keepalive_timeout 70;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_certificate /root/ssl/hydra.crt;
ssl_certificate_key /root/ssl/hydra.key;
### We want full access to SSL via backend ###
location / {
proxy_pass http://127.0.0.1:3000/;
### force timeouts if one of backend is died ##
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
### Set headers ####
proxy_set_header Accept-Encoding "";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
### Most PHP, Python, Rails, Java App can use this header ###
#proxy_set_header X-Forwarded-Proto https;##
#This is better##
proxy_set_header X-Forwarded-Proto $scheme;
add_header Front-End-Https on;
### By default we don't want to redirect it ####
proxy_redirect off;
}
}
server {
listen 0.0.0.0:80;
server_name hydra-ssl.scriptores.com;
rewrite ^ https://$server_name$request_uri? permanent;
}
server {
listen 0.0.0.0:80;
server_name hydra.scriptores.com;
location / {
proxy_pass http://127.0.0.1:3000/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
#user nobody;
worker_processes 1;
error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
include /root/hydra.nginx;
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.