parent
b62dbfa74f
commit
1235a7439d
25
flake.lock
25
flake.lock
|
@ -45,6 +45,22 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs-mobilizon": {
|
||||
"locked": {
|
||||
"lastModified": 1618222151,
|
||||
"narHash": "sha256-8ridyy8En9gw6Zk2um0gYHRjsC4bU3n5Pg1nt9lhXpU=",
|
||||
"owner": "minijackson",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "84b45196fdca1056a8ff9d214c7ce553851ff1a7",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "minijackson",
|
||||
"ref": "init-mobilizon",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs_2": {
|
||||
"locked": {
|
||||
"lastModified": 1631792076,
|
||||
|
@ -65,6 +81,7 @@
|
|||
"inputs": {
|
||||
"nixos-hardware": "nixos-hardware",
|
||||
"nixpkgs": "nixpkgs",
|
||||
"nixpkgs-mobilizon": "nixpkgs-mobilizon",
|
||||
"scrapers": "scrapers",
|
||||
"secrets": "secrets",
|
||||
"spacemsg": "spacemsg",
|
||||
|
@ -181,11 +198,11 @@
|
|||
"zentralwerk-network-key": "zentralwerk-network-key"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1631903566,
|
||||
"narHash": "sha256-mDeU4bc3pQ5sQbU2etnC1PxiW2W3EC3phXqhMDfyIkM=",
|
||||
"lastModified": 1632071415,
|
||||
"narHash": "sha256-bNRVgVwSJgEcSRgp3icC328rz/CAWrbgnbEJxEhjkTM=",
|
||||
"ref": "master",
|
||||
"rev": "9db5d14bf109a7e467756fefebd694265ee31a53",
|
||||
"revCount": 1176,
|
||||
"rev": "d6b6e3a9207fef4760880af33f881104aa0adbe2",
|
||||
"revCount": 1180,
|
||||
"type": "git",
|
||||
"url": "https://gitea.c3d2.de/zentralwerk/network.git"
|
||||
},
|
||||
|
|
17
flake.nix
17
flake.nix
|
@ -3,6 +3,7 @@
|
|||
|
||||
inputs = {
|
||||
nixpkgs.url = "github:nixos/nixpkgs/release-21.05";
|
||||
nixpkgs-mobilizon.url = "github:minijackson/nixpkgs/init-mobilizon";
|
||||
secrets.url = "git+ssh://git@gitea.c3d2.de:2222/c3d2-admins/secrets.git";
|
||||
zentralwerk.url = "git+https://gitea.c3d2.de/zentralwerk/network.git";
|
||||
yammat.url = "git+https://gitea.c3d2.de/astro/yammat.git?ref=nix";
|
||||
|
@ -17,7 +18,7 @@
|
|||
ticker.flake = false;
|
||||
};
|
||||
|
||||
outputs = { self, nixpkgs, secrets, nixos-hardware, zentralwerk, yammat, scrapers, spacemsg, tigger, ticker }:
|
||||
outputs = inputs@{ self, nixpkgs, secrets, nixos-hardware, zentralwerk, yammat, scrapers, spacemsg, tigger, ticker, ... }:
|
||||
let
|
||||
forAllSystems = nixpkgs.lib.genAttrs [ "aarch64-linux" "x86_64-linux" ];
|
||||
|
||||
|
@ -165,8 +166,8 @@
|
|||
nixosConfigurations = let
|
||||
nixosSystem' =
|
||||
# Our custom NixOS builder
|
||||
{ extraArgs ? {}, ... }@args:
|
||||
nixpkgs.lib.nixosSystem (args // {
|
||||
{ nixpkgs ? inputs.nixpkgs, extraArgs ? {}, ... }@args:
|
||||
nixpkgs.lib.nixosSystem (nixpkgs.lib.filterAttrs (n: _: n != "nixpkgs") args // {
|
||||
extraArgs = extraArgs // {
|
||||
inherit hostRegistry;
|
||||
};
|
||||
|
@ -327,6 +328,16 @@
|
|||
system = "x86_64-linux";
|
||||
};
|
||||
|
||||
mobilizon = nixosSystem' {
|
||||
# TODO: pending https://github.com/NixOS/nixpkgs/pull/119132
|
||||
nixpkgs = inputs.nixpkgs-mobilizon;
|
||||
modules = [
|
||||
./lib/lxc-container.nix
|
||||
./hosts/containers/mobilizon
|
||||
];
|
||||
system = "x86_64-linux";
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
nixosModules.c3d2 = import ./lib;
|
||||
|
|
|
@ -0,0 +1,56 @@
|
|||
{ hostRegistry, config, ... }:
|
||||
{
|
||||
c3d2.isInHq = false;
|
||||
networking = {
|
||||
hostName = "mobilizon";
|
||||
interfaces.eth0.ipv4.addresses = [{
|
||||
address = hostRegistry.hosts.${config.networking.hostName}.ip4;
|
||||
prefixLength = 26;
|
||||
}];
|
||||
defaultGateway = "172.20.73.1";
|
||||
firewall.allowedTCPPorts = [ 80 443 ];
|
||||
};
|
||||
|
||||
|
||||
services.mobilizon = {
|
||||
enable = true;
|
||||
settings.":mobilizon".":instance" = {
|
||||
name = "C3D2 Mobilizon";
|
||||
hostname = "mobilizon.c3d2.de";
|
||||
registrations_open = true;
|
||||
default_language = "de";
|
||||
};
|
||||
# settings.":mobilizon"."Mobilizon.Web.Email.Mailer" = {
|
||||
# adapter = { value = "Bamboo.SMTPAdapter"; _elixirType = "raw"; };
|
||||
# server = "mail.c3d2.de";
|
||||
# hostname = config.networking.hostName;
|
||||
# auth = { value = ":if_available"; _elixirType = "atom"; };
|
||||
# username = "mobilizon";
|
||||
# password = "noneyet";
|
||||
# port = 587;
|
||||
# ssl = false;
|
||||
# tls = { value = ":if_available"; _elixirType = "atom"; };
|
||||
# allowed_tls_versions = { value = ''[:tlsv1, :"tlsv1.1", :"tlsv1.2"]''; _elixirType = "raw"; };
|
||||
# retries = 1;
|
||||
# no_mx_lookups = true;
|
||||
# };
|
||||
settings.":mobilizon".":logger" = {
|
||||
level = { value = ":all"; _elixirType = "atom"; };
|
||||
};
|
||||
};
|
||||
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
recommendedProxySettings = true;
|
||||
virtualHosts."mobilizon.c3d2.de" = {
|
||||
default = true;
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
locations."/".proxyPass = "http://localhost:4000";
|
||||
};
|
||||
};
|
||||
security.acme = {
|
||||
acceptTerms = true;
|
||||
email = "mail@c3d2.de";
|
||||
};
|
||||
}
|
|
@ -39,6 +39,10 @@
|
|||
hostNames = [ "stream.hq.c3d2.de" ];
|
||||
proxyTo.host = hostRegistry.hosts.stream.ip4;
|
||||
}
|
||||
{
|
||||
hostNames = [ "mobilizon.c3d2.de" ];
|
||||
proxyTo.host = hostRegistry.hosts.mobilizon.ip4;
|
||||
}
|
||||
];
|
||||
};
|
||||
|
||||
|
|
Loading…
Reference in New Issue