Extract extract services to services directory
That way we can deploy them both on dev and prod hosts and just need to change the `baseDomain` to differentiate.
This commit is contained in:
Moritz 'e1mo' Fromm
parent
5d8cf1b67c
commit
d782f28bec
4 changed files with 23 additions and 24 deletions
|
|
@ -20,9 +20,6 @@
|
||||||
nixpkgs.overlays = [ overlay ];
|
nixpkgs.overlays = [ overlay ];
|
||||||
_module.args = {
|
_module.args = {
|
||||||
inherit nixpkgs;
|
inherit nixpkgs;
|
||||||
# TODO: Change when going to production
|
|
||||||
# Not sure if this is the best way to do this
|
|
||||||
baseDomain = "dev.chaos.jetzt";
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
|
|
@ -58,6 +55,5 @@
|
||||||
|
|
||||||
overlays.default = overlay;
|
overlays.default = overlay;
|
||||||
legacyPackages.x86_64-linux = pkgs;
|
legacyPackages.x86_64-linux = pkgs;
|
||||||
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -1,7 +1,10 @@
|
||||||
{ lib, pkgs, config, baseDomain, ... }: {
|
{ pkgs, baseDomain, ... }: {
|
||||||
|
_module.args.baseDomain = "dev.chaos.jetzt";
|
||||||
|
|
||||||
imports = [
|
imports = [
|
||||||
./hardware-config.nix
|
./hardware-config.nix
|
||||||
./mumble.nix
|
../../services/mumble.nix
|
||||||
|
../../services/website.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
system.stateVersion = "23.05";
|
system.stateVersion = "23.05";
|
||||||
|
|
@ -16,21 +19,4 @@
|
||||||
networking.defaultGateway = { address = "172.31.1.1"; interface = "ens3"; };
|
networking.defaultGateway = { address = "172.31.1.1"; interface = "ens3"; };
|
||||||
networking.defaultGateway6 = { address = "fe80::1"; interface = "ens3"; };
|
networking.defaultGateway6 = { address = "fe80::1"; interface = "ens3"; };
|
||||||
networking.nameservers = [ "213.133.98.98" "213.133.99.99" "213.133.100.100" ];
|
networking.nameservers = [ "213.133.98.98" "213.133.99.99" "213.133.100.100" ];
|
||||||
|
|
||||||
services.nginx = {
|
|
||||||
enable = true;
|
|
||||||
enableReload = true;
|
|
||||||
recommendedGzipSettings = true;
|
|
||||||
recommendedOptimisation = true;
|
|
||||||
recommendedProxySettings = true;
|
|
||||||
recommendedTlsSettings = true;
|
|
||||||
|
|
||||||
virtualHosts.${baseDomain} = {
|
|
||||||
default = true;
|
|
||||||
enableACME = true;
|
|
||||||
forceSSL = true;
|
|
||||||
# TODO: Change this to be deployed by some sort of CI + rsync so we don't need to always update the package version
|
|
||||||
locations."/".root = pkgs.chaos-jetzt-website-pelican;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -1,5 +1,4 @@
|
||||||
{ config, baseDomain, lib, ... }: {
|
{ config, baseDomain, lib, ... }: {
|
||||||
|
|
||||||
sops.secrets."murmur/registry_password".owner = "murmur";
|
sops.secrets."murmur/registry_password".owner = "murmur";
|
||||||
security.acme.certs."mumble.${baseDomain}" = {
|
security.acme.certs."mumble.${baseDomain}" = {
|
||||||
group = "murmur";
|
group = "murmur";
|
||||||
18
services/website.nix
Normal file
18
services/website.nix
Normal file
|
|
@ -0,0 +1,18 @@
|
||||||
|
{ pkgs, baseDomain, ...}: {
|
||||||
|
services.nginx = {
|
||||||
|
enable = true;
|
||||||
|
enableReload = true;
|
||||||
|
recommendedGzipSettings = true;
|
||||||
|
recommendedOptimisation = true;
|
||||||
|
recommendedProxySettings = true;
|
||||||
|
recommendedTlsSettings = true;
|
||||||
|
|
||||||
|
virtualHosts.${baseDomain} = {
|
||||||
|
default = true;
|
||||||
|
enableACME = true;
|
||||||
|
forceSSL = true;
|
||||||
|
# TODO: Change this to be deployed by some sort of CI + rsync so we don't need to always update the package version
|
||||||
|
locations."/".root = pkgs.chaos-jetzt-website-pelican;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
||||||
Loading…
Reference in a new issue