Format

hosts/buzzrelay/default.nix

@@ -1,32 +1,44 @@
 { config, ... }:
 {
-  c3d2.deployment.server = "server10";
+  c3d2 = {
+    deployment.server = "server10";
+    hq.statistics.enable = true;
+  };
+
   microvm = {
-    mem = 2 * 1024;
+    mem = 1024;
     vcpu = 8;
   };
-  system.stateVersion = "22.11";
-  networking.hostName = "buzzrelay";
-  c3d2.hq.statistics.enable = true;
 
-  sops.defaultSopsFile = ./secrets.yaml;
+  networking.hostName = "buzzrelay";
-  sops.secrets = {
+
-    "buzzrelay/privKey".owner = config.services.buzzrelay.user;
+  sops = {
-    "buzzrelay/pubKey".owner = config.services.buzzrelay.user;
+    defaultSopsFile = ./secrets.yaml;
-  };
+    secrets = {
-  services.buzzrelay = {
+      "buzzrelay/privKey".owner = config.services.buzzrelay.user;
-    enable = true;
+      "buzzrelay/pubKey".owner = config.services.buzzrelay.user;
-    hostName = "relay.fedi.buzz";
-    privKeyFile = config.sops.secrets."buzzrelay/privKey".path;
-    pubKeyFile = config.sops.secrets."buzzrelay/pubKey".path;
-  };
-  services.postgresql.settings.log_min_duration_statement = 50;
-  services.nginx = {
-    enable = true;
-    virtualHosts."relay.fedi.buzz" = {
-      forceSSL = true;
-      enableACME = true;
-      locations."/".proxyPass = "http://127.0.0.1:${toString config.services.buzzrelay.listenPort}/";
     };
   };
+
+  services = {
+    buzzrelay = {
+      enable = true;
+      hostName = "relay.fedi.buzz";
+      privKeyFile = config.sops.secrets."buzzrelay/privKey".path;
+      pubKeyFile = config.sops.secrets."buzzrelay/pubKey".path;
+    };
+
+    nginx = {
+      enable = true;
+      virtualHosts."relay.fedi.buzz" = {
+        forceSSL = true;
+        enableACME = true;
+        locations."/".proxyPass = "http://127.0.0.1:${toString config.services.buzzrelay.listenPort}/";
+      };
+    };
+
+    postgresql.settings.log_min_duration_statement = 50;
+  };
+
+  system.stateVersion = "22.11";
 }