Format
This commit is contained in:
parent
1a9a547bdd
commit
d5e612c680
|
@ -1,32 +1,44 @@
|
||||||
{ config, ... }:
|
{ config, ... }:
|
||||||
{
|
{
|
||||||
c3d2.deployment.server = "server10";
|
c3d2 = {
|
||||||
|
deployment.server = "server10";
|
||||||
|
hq.statistics.enable = true;
|
||||||
|
};
|
||||||
|
|
||||||
microvm = {
|
microvm = {
|
||||||
mem = 2 * 1024;
|
mem = 1024;
|
||||||
vcpu = 8;
|
vcpu = 8;
|
||||||
};
|
};
|
||||||
system.stateVersion = "22.11";
|
|
||||||
networking.hostName = "buzzrelay";
|
|
||||||
c3d2.hq.statistics.enable = true;
|
|
||||||
|
|
||||||
sops.defaultSopsFile = ./secrets.yaml;
|
networking.hostName = "buzzrelay";
|
||||||
sops.secrets = {
|
|
||||||
"buzzrelay/privKey".owner = config.services.buzzrelay.user;
|
sops = {
|
||||||
"buzzrelay/pubKey".owner = config.services.buzzrelay.user;
|
defaultSopsFile = ./secrets.yaml;
|
||||||
};
|
secrets = {
|
||||||
services.buzzrelay = {
|
"buzzrelay/privKey".owner = config.services.buzzrelay.user;
|
||||||
enable = true;
|
"buzzrelay/pubKey".owner = config.services.buzzrelay.user;
|
||||||
hostName = "relay.fedi.buzz";
|
|
||||||
privKeyFile = config.sops.secrets."buzzrelay/privKey".path;
|
|
||||||
pubKeyFile = config.sops.secrets."buzzrelay/pubKey".path;
|
|
||||||
};
|
|
||||||
services.postgresql.settings.log_min_duration_statement = 50;
|
|
||||||
services.nginx = {
|
|
||||||
enable = true;
|
|
||||||
virtualHosts."relay.fedi.buzz" = {
|
|
||||||
forceSSL = true;
|
|
||||||
enableACME = true;
|
|
||||||
locations."/".proxyPass = "http://127.0.0.1:${toString config.services.buzzrelay.listenPort}/";
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
services = {
|
||||||
|
buzzrelay = {
|
||||||
|
enable = true;
|
||||||
|
hostName = "relay.fedi.buzz";
|
||||||
|
privKeyFile = config.sops.secrets."buzzrelay/privKey".path;
|
||||||
|
pubKeyFile = config.sops.secrets."buzzrelay/pubKey".path;
|
||||||
|
};
|
||||||
|
|
||||||
|
nginx = {
|
||||||
|
enable = true;
|
||||||
|
virtualHosts."relay.fedi.buzz" = {
|
||||||
|
forceSSL = true;
|
||||||
|
enableACME = true;
|
||||||
|
locations."/".proxyPass = "http://127.0.0.1:${toString config.services.buzzrelay.listenPort}/";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
postgresql.settings.log_min_duration_statement = 50;
|
||||||
|
};
|
||||||
|
|
||||||
|
system.stateVersion = "22.11";
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue
Block a user