fruitbasket/modules/web/hyperilo.nix

{ ... }:

{
  # provide access to iLO of colocated server
  # in case of questions, contact @bennofs
  services.nginx.virtualHosts."hyperilo.deutschland.gmbh" = {
    forceSSL = true;
    locations."/".proxyPass = "https://192.168.0.120:443";
    locations."/".basicAuthFile = "/run/secrets/hyperilo_htaccess";
    locations."/".extraConfig = ''
      proxy_ssl_verify off;
      proxy_http_version 1.1;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection $connection_upgrade_capitalized;
    '';
  };

  # HP iLO requires uppercase Upgrade, not lowercase "upgrade"
  services.nginx.commonHttpConfig = ''
    map $http_upgrade $connection_upgrade_capitalized {
      default  Upgrade;
      '''      close;
    }
  '';

  systemd.network.networks."20-hyperilo" = {
    matchConfig.Name = "eno8303";
    address = [ "192.168.0.1/24" ];
    networkConfig.LLDP = true;
    networkConfig.EmitLLDP = "nearest-bridge";
  };

  sops.secrets."hyperilo_htaccess".owner = "nginx";
}
ran deadnix 2024-10-08 21:36:52 +02:00			`{ ... }:`
add hyperilo reverse proxy 2024-09-01 21:04:38 +02:00
			`{`
			`# provide access to iLO of colocated server`
			`# in case of questions, contact @bennofs`
			`services.nginx.virtualHosts."hyperilo.deutschland.gmbh" = {`
			`forceSSL = true;`
			`locations."/".proxyPass = "https://192.168.0.120:443";`
			`locations."/".basicAuthFile = "/run/secrets/hyperilo_htaccess";`
			`locations."/".extraConfig = ''`
			`proxy_ssl_verify off;`
hyperilo: proxy websockets for console 2024-09-06 15:44:28 +02:00			`proxy_http_version 1.1;`
			`proxy_set_header Upgrade $http_upgrade;`
hyperilo: fix websocket config 2024-09-06 17:12:45 +02:00			`proxy_set_header Connection $connection_upgrade_capitalized;`
add hyperilo reverse proxy 2024-09-01 21:04:38 +02:00			`'';`
			`};`

hyperilo: proxy websockets for console 2024-09-06 15:44:28 +02:00			`# HP iLO requires uppercase Upgrade, not lowercase "upgrade"`
			`services.nginx.commonHttpConfig = ''`
formatting 2024-09-07 11:33:19 +02:00			`map $http_upgrade $connection_upgrade_capitalized {`
			`default Upgrade;`
			`''' close;`
			`}`
hyperilo: proxy websockets for console 2024-09-06 15:44:28 +02:00			`'';`

add hyperilo reverse proxy 2024-09-01 21:04:38 +02:00			`systemd.network.networks."20-hyperilo" = {`
			`matchConfig.Name = "eno8303";`
			`address = [ "192.168.0.1/24" ];`
			`networkConfig.LLDP = true;`
			`networkConfig.EmitLLDP = "nearest-bridge";`
			`};`

			`sops.secrets."hyperilo_htaccess".owner = "nginx";`
			`}`