68 lines
1.4 KiB
Nix
68 lines
1.4 KiB
Nix
{ config, lib, libC, pkgs, ... }:
|
|
|
|
{
|
|
c3d2.deployment.server = "server10";
|
|
|
|
microvm.mem = 2 * 1024;
|
|
|
|
networking.hostName = "matemat";
|
|
|
|
services = {
|
|
backup.enable = true;
|
|
|
|
nginx = {
|
|
enable = true;
|
|
virtualHosts."matemat.hq.c3d2.de" = {
|
|
default = true;
|
|
forceSSL = true;
|
|
enableACME = true;
|
|
listen = libC.defaultListen;
|
|
locations."/" = {
|
|
proxyPass = "http://127.0.0.1:3000";
|
|
extraConfig = libC.hqNetworkOnly + ''
|
|
add_header X-Robots-Tag "noindex" always;
|
|
|
|
auth_basic secured;
|
|
auth_basic_user_file ${config.sops.secrets."nginx/basic-auth".path};
|
|
'';
|
|
};
|
|
serverAliases = [ "mate.c3d2.de" "matemat.c3d2.de" ];
|
|
};
|
|
};
|
|
|
|
postgresql = {
|
|
package = pkgs.postgresql_16;
|
|
upgrade.stopServices = [ "yammat" ];
|
|
};
|
|
|
|
yammat = {
|
|
enable = true;
|
|
config = lib.mkOptionDefault ''
|
|
copyright_link: "https://gitea.c3d2.de/c3d2/yammat"
|
|
'';
|
|
};
|
|
};
|
|
|
|
programs.msmtp = {
|
|
enable = true;
|
|
accounts.default = {
|
|
host = "mail.c3d2.de";
|
|
port = 587;
|
|
tls = true;
|
|
tls_starttls = true;
|
|
auth = false;
|
|
domain = "matemat.hq.c3d2.de";
|
|
from = "nek0@c3d2.de";
|
|
};
|
|
};
|
|
|
|
sops = {
|
|
defaultSopsFile = ./secrets.yaml;
|
|
secrets = {
|
|
"nginx/basic-auth".owner = "nginx";
|
|
};
|
|
};
|
|
|
|
system.stateVersion = "22.05";
|
|
}
|