run excalidraw in a container and make it available over https

author: Franck Cuny <franck@fcuny.net> 2024-11-06 12:37:00 -0800
committer: Franck Cuny <franck@fcuny.net> 2024-11-06 12:37:00 -0800
commit: 9c0a75a7dcfbcb38e33397dd2b6efeb300551dd3 (patch)
tree: 802761617098112d228223a532803d2a33b36116 /nix/hosts/wildcat/configuration.nix
parent: align comment (diff)
download: infra-9c0a75a7dcfbcb38e33397dd2b6efeb300551dd3.tar.gz
1 files changed, 27 insertions, 5 deletions
diff --git a/nix/hosts/wildcat/configuration.nix b/nix/hosts/wildcat/configuration.nix
index 7143ad8..b74f522 100644
--- a/nix/hosts/wildcat/configuration.nix
+++ b/nix/hosts/wildcat/configuration.nix
@@ -64,6 +64,14 @@
     };
   };
 
+  virtualisation.oci-containers.containers.excalidraw = {
+    autoStart = true;
+    image = "excalidraw/excalidraw:latest";
+    environment = { TZ = "America/Los_Angeles"; };
+    ports = [ "127.0.0.1:3030:80" ];
+    extraOptions = [ "--pull=always" ];
+  };
+
   services.nginx = {
     enable = true;
 
@@ -74,6 +82,10 @@
 
     virtualHosts = {
       "fcuny.net" = {
+        # make it the default site: if a request goes through nginx
+        # without a host header, this will be the default site we serve
+        # for that request.
+        default = true;
         forceSSL = true;
         enableACME = true;
         locations = {
@@ -84,10 +96,6 @@
         };
       };
       "git.fcuny.net" = {
-        # make cgit the default site: if a request goes through nginx
-        # without a host header, this will be the default site we serve
-        # for that request.
-        default = true;
         forceSSL = true;
         enableACME = true;
         locations = {
@@ -96,6 +104,16 @@
           };
         };
       };
+      "draw.fcuny.net" = {
+        forceSSL = true;
+        enableACME = true;
+        locations = {
+          "/".proxyPass = "http://127.0.0.1:3030";
+          "/.well-known/acme-challenge" = {
+            root = "/var/lib/acme/acme-challenges";
+          };
+        };
+      };
     };
   };
 
@@ -105,7 +123,11 @@
     repository = "/srv/backups/git";
     initialize = true;
     paths = [ "/var/lib/gitolite" ];
-    exclude = [ "/var/lib/gitolite/.bash_history" "/var/lib/gitolite/.ssh" ];
+    exclude = [
+      "/var/lib/gitolite/.bash_history"
+      "/var/lib/gitolite/.ssh"
+      "/var/lib/gitolite/.viminfo"
+    ];
     extraBackupArgs = [ "--exclude-caches" "--compression=max" ];
     timerConfig = { OnCalendar = "*:0/30"; };
     pruneOpts = [
author	Franck Cuny <franck@fcuny.net>	2024-11-06 12:37:00 -0800
committer	Franck Cuny <franck@fcuny.net>	2024-11-06 12:37:00 -0800
commit	9c0a75a7dcfbcb38e33397dd2b6efeb300551dd3 (patch)
tree	802761617098112d228223a532803d2a33b36116 /nix/hosts/wildcat/configuration.nix
parent	align comment (diff)
download	infra-9c0a75a7dcfbcb38e33397dd2b6efeb300551dd3.tar.gz