diff options
author | Alan Pearce | 2024-11-27 21:02:08 +0100 |
---|---|---|
committer | Alan Pearce | 2024-11-27 21:02:08 +0100 |
commit | ebb621c0d4f3c5f02df014898006f68e7dadb552 (patch) | |
tree | 6d5344468892a2c9a7332ccb5ce314accc67735c | |
parent | 162d4d2468aeb53685da1ff07419c2b77820e59b (diff) | |
download | nixfiles-ebb621c0d4f3c5f02df014898006f68e7dadb552.tar.lz nixfiles-ebb621c0d4f3c5f02df014898006f68e7dadb552.tar.zst nixfiles-ebb621c0d4f3c5f02df014898006f68e7dadb552.zip |
linde: enable redis for website
-rw-r--r-- | system/linde.nix | 15 |
1 files changed, 13 insertions, 2 deletions
diff --git a/system/linde.nix b/system/linde.nix index 482b5a3a..a02e0c9b 100644 --- a/system/linde.nix +++ b/system/linde.nix @@ -177,6 +177,7 @@ in 443 53 853 + 6379 9418 6922 ]; @@ -631,6 +632,9 @@ in certs."stats.alanpearce.eu" = { extraDomainNames = [ "*.stats.alanpearce.eu" ]; }; + certs."redis.alanpearce.eu" = { + group = "redis-website"; + }; }; users.groups.acme.members = [ "caddy" @@ -964,14 +968,21 @@ in }; services.redis = { + enable = true; servers = { website = { - port = 6379; + enable = true; + port = 0; bind = net-redisip; - openFirewall = true; databases = 1; maxclients = 6; requirePassFile = config.age.secrets.redis-website.path; + settings = { + tls-port = 6379; + tls-cert-file = "/var/lib/acme/redis.alanpearce.eu/cert.pem"; + tls-key-file = "/var/lib/acme/redis.alanpearce.eu/key.pem"; + tla-ca-cert-file = "/etc/ssl/certs/ca-certificates.crt"; + }; }; }; }; |