2023-02-12 19:52:55 +01:00
|
|
|
{ config, lib, options, pkgs, ... }:
|
2022-06-17 21:27:38 +02:00
|
|
|
|
2021-03-06 01:10:53 +01:00
|
|
|
{
|
2022-12-18 22:16:29 +01:00
|
|
|
c3d2.deployment.server = "server10";
|
2022-01-12 01:46:13 +01:00
|
|
|
|
2022-06-19 11:32:48 +02:00
|
|
|
microvm.mem = 2 * 1024;
|
2022-06-18 21:29:09 +02:00
|
|
|
|
2022-12-20 04:31:37 +01:00
|
|
|
networking.hostName = "matemat";
|
2021-03-06 01:13:27 +01:00
|
|
|
|
2022-06-17 21:27:38 +02:00
|
|
|
services = {
|
|
|
|
nginx = {
|
|
|
|
enable = true;
|
|
|
|
virtualHosts."matemat.hq.c3d2.de" = {
|
|
|
|
default = true;
|
|
|
|
forceSSL = true;
|
|
|
|
enableACME = true;
|
|
|
|
locations."/" = {
|
|
|
|
proxyPass = "http://localhost:3000";
|
|
|
|
extraConfig = ''
|
|
|
|
satisfy any;
|
|
|
|
auth_basic secured;
|
2022-12-26 23:18:02 +01:00
|
|
|
auth_basic_user_file ${config.sops.secrets."nginx/basic-auth".path};
|
2022-06-17 21:27:38 +02:00
|
|
|
allow 2a00:8180:2c00:200::/56;
|
2022-09-20 01:05:22 +02:00
|
|
|
allow 2a0f:5382:acab:1400::/56;
|
2022-08-27 21:39:11 +02:00
|
|
|
allow fd23:42:c3d2:500::/56;
|
|
|
|
allow 30c:c3d2:b946:76d0::/64;
|
2022-06-17 21:27:38 +02:00
|
|
|
allow 172.22.99.0/24;
|
|
|
|
allow 172.20.72.0/21;
|
|
|
|
deny all;
|
|
|
|
'';
|
|
|
|
};
|
2021-03-06 02:28:46 +01:00
|
|
|
};
|
2021-03-06 01:13:27 +01:00
|
|
|
};
|
2023-01-07 02:00:15 +01:00
|
|
|
|
2023-02-12 19:52:55 +01:00
|
|
|
postgresql = {
|
|
|
|
package = pkgs.postgresql_15;
|
|
|
|
upgrade.stopServices = [ "yammat" ];
|
|
|
|
};
|
2023-01-07 02:00:15 +01:00
|
|
|
|
2023-02-12 19:52:55 +01:00
|
|
|
yammat = {
|
|
|
|
enable = true;
|
|
|
|
config = lib.mkOptionDefault ''
|
|
|
|
copyright_link: "https://gitea.c3d2.de/c3d2/yammat"
|
|
|
|
'';
|
|
|
|
};
|
2021-03-06 01:13:27 +01:00
|
|
|
};
|
2021-03-06 20:59:08 +01:00
|
|
|
|
2022-05-31 18:19:34 +02:00
|
|
|
programs.msmtp = {
|
2021-03-06 20:59:08 +01:00
|
|
|
enable = true;
|
2022-05-31 18:19:34 +02:00
|
|
|
accounts.default = {
|
|
|
|
host = "mail.c3d2.de";
|
|
|
|
port = 587;
|
|
|
|
tls = true;
|
|
|
|
tls_starttls = true;
|
|
|
|
auth = false;
|
|
|
|
domain = "matemat.hq.c3d2.de";
|
|
|
|
from = "nek0@c3d2.de";
|
2021-04-30 10:36:37 +02:00
|
|
|
};
|
2021-03-06 20:59:08 +01:00
|
|
|
};
|
2022-12-18 22:16:29 +01:00
|
|
|
|
2022-12-26 23:18:02 +01:00
|
|
|
sops = {
|
|
|
|
defaultSopsFile = ./secrets.yaml;
|
|
|
|
secrets."nginx/basic-auth".owner = "nginx";
|
|
|
|
};
|
|
|
|
|
2022-12-18 22:16:29 +01:00
|
|
|
system.stateVersion = "22.05";
|
2021-03-06 01:10:53 +01:00
|
|
|
}
|