mobilizon: init

does not yet send mails
2021-09-20 22:11:17 +02:00 · 2021-09-20 22:11:17 +02:00 · 1235a7439d
parent b62dbfa74f
commit 1235a7439d
4 changed files with 95 additions and 7 deletions
--- a/flake.lock
+++ b/flake.lock
@ -45,6 +45,22 @@
        "type": "github"
      }
    },
+    "nixpkgs-mobilizon": {
+      "locked": {
+        "lastModified": 1618222151,
+        "narHash": "sha256-8ridyy8En9gw6Zk2um0gYHRjsC4bU3n5Pg1nt9lhXpU=",
+        "owner": "minijackson",
+        "repo": "nixpkgs",
+        "rev": "84b45196fdca1056a8ff9d214c7ce553851ff1a7",
+        "type": "github"
+      },
+      "original": {
+        "owner": "minijackson",
+        "ref": "init-mobilizon",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
    "nixpkgs_2": {
      "locked": {
        "lastModified": 1631792076,
@ -65,6 +81,7 @@
      "inputs": {
        "nixos-hardware": "nixos-hardware",
        "nixpkgs": "nixpkgs",
+        "nixpkgs-mobilizon": "nixpkgs-mobilizon",
        "scrapers": "scrapers",
        "secrets": "secrets",
        "spacemsg": "spacemsg",
@ -181,11 +198,11 @@
        "zentralwerk-network-key": "zentralwerk-network-key"
      },
      "locked": {
-        "lastModified": 1631903566,
-        "narHash": "sha256-mDeU4bc3pQ5sQbU2etnC1PxiW2W3EC3phXqhMDfyIkM=",
+        "lastModified": 1632071415,
+        "narHash": "sha256-bNRVgVwSJgEcSRgp3icC328rz/CAWrbgnbEJxEhjkTM=",
        "ref": "master",
-        "rev": "9db5d14bf109a7e467756fefebd694265ee31a53",
-        "revCount": 1176,
+        "rev": "d6b6e3a9207fef4760880af33f881104aa0adbe2",
+        "revCount": 1180,
        "type": "git",
        "url": "https://gitea.c3d2.de/zentralwerk/network.git"
      },
--- a/flake.nix
+++ b/flake.nix
@ -3,6 +3,7 @@

  inputs = {
    nixpkgs.url = "github:nixos/nixpkgs/release-21.05";
+    nixpkgs-mobilizon.url = "github:minijackson/nixpkgs/init-mobilizon";
    secrets.url = "git+ssh://git@gitea.c3d2.de:2222/c3d2-admins/secrets.git";
    zentralwerk.url = "git+https://gitea.c3d2.de/zentralwerk/network.git";
    yammat.url = "git+https://gitea.c3d2.de/astro/yammat.git?ref=nix";
@ -17,7 +18,7 @@
    ticker.flake = false;
  };

-  outputs = { self, nixpkgs, secrets, nixos-hardware, zentralwerk, yammat, scrapers, spacemsg, tigger, ticker }:
+  outputs = inputs@{ self, nixpkgs, secrets, nixos-hardware, zentralwerk, yammat, scrapers, spacemsg, tigger, ticker, ... }:
    let
      forAllSystems = nixpkgs.lib.genAttrs [ "aarch64-linux" "x86_64-linux" ];

@ -165,8 +166,8 @@
      nixosConfigurations = let
        nixosSystem' =
          # Our custom NixOS builder
-          { extraArgs ? {}, ... }@args:
-          nixpkgs.lib.nixosSystem (args // {
+          { nixpkgs ? inputs.nixpkgs, extraArgs ? {}, ... }@args:
+          nixpkgs.lib.nixosSystem (nixpkgs.lib.filterAttrs (n: _: n != "nixpkgs") args // {
            extraArgs = extraArgs // {
              inherit hostRegistry;
            };
@ -327,6 +328,16 @@
          system = "x86_64-linux";
        };

+        mobilizon = nixosSystem' {
+          # TODO: pending https://github.com/NixOS/nixpkgs/pull/119132
+          nixpkgs = inputs.nixpkgs-mobilizon;
+          modules = [
+            ./lib/lxc-container.nix
+            ./hosts/containers/mobilizon
+          ];
+          system = "x86_64-linux";
+        };
+
      };

      nixosModules.c3d2 = import ./lib;
--- a/hosts/containers/mobilizon/default.nix
+++ b/hosts/containers/mobilizon/default.nix
@ -0,0 +1,56 @@
+{ hostRegistry, config, ... }:
+{
+  c3d2.isInHq = false;
+  networking = {
+    hostName = "mobilizon";
+    interfaces.eth0.ipv4.addresses = [{
+      address = hostRegistry.hosts.${config.networking.hostName}.ip4;
+      prefixLength = 26;
+    }];
+    defaultGateway = "172.20.73.1";
+    firewall.allowedTCPPorts = [ 80 443 ];
+  };
+
+
+  services.mobilizon = {
+    enable = true;
+    settings.":mobilizon".":instance" = {
+      name = "C3D2 Mobilizon";
+      hostname = "mobilizon.c3d2.de";
+      registrations_open = true;
+      default_language = "de";
+    };
+    # settings.":mobilizon"."Mobilizon.Web.Email.Mailer" = {
+    #   adapter = { value = "Bamboo.SMTPAdapter"; _elixirType = "raw"; };
+    #   server = "mail.c3d2.de";
+    #   hostname = config.networking.hostName;
+    #   auth = { value = ":if_available"; _elixirType = "atom"; };
+    #   username = "mobilizon";
+    #   password = "noneyet";
+    #   port = 587;
+    #   ssl = false;
+    #   tls = { value = ":if_available"; _elixirType = "atom"; };
+    #   allowed_tls_versions = { value = ''[:tlsv1, :"tlsv1.1", :"tlsv1.2"]''; _elixirType = "raw"; };
+    #   retries = 1;
+    #   no_mx_lookups = true;
+    # };
+    settings.":mobilizon".":logger" = {
+      level = { value = ":all"; _elixirType = "atom"; };
+    };
+  };
+
+  services.nginx = {
+    enable = true;
+    recommendedProxySettings = true;
+    virtualHosts."mobilizon.c3d2.de" = {
+      default = true;
+      forceSSL = true;
+      enableACME = true;
+      locations."/".proxyPass = "http://localhost:4000";
+    };
+  };
+  security.acme = {
+    acceptTerms = true;
+    email = "mail@c3d2.de";
+  };
+}
--- a/hosts/containers/public-access-proxy/default.nix
+++ b/hosts/containers/public-access-proxy/default.nix
@ -39,6 +39,10 @@
        hostNames = [ "stream.hq.c3d2.de" ];
        proxyTo.host = hostRegistry.hosts.stream.ip4;
      }
+      {
+        hostNames = [ "mobilizon.c3d2.de" ];
+        proxyTo.host = hostRegistry.hosts.mobilizon.ip4;
+      }
    ];
  };