diff options
| author | Max Audron <audron@cocaine.farm> | 2024-08-12 19:26:15 +0200 |
|---|---|---|
| committer | Max Audron <audron@cocaine.farm> | 2024-08-12 19:26:15 +0200 |
| commit | db28d0119eceb8d88faf2a55990a8b99be096beb (patch) | |
| tree | 8a08d3c756abc1de58d8791cd7d2c4224898b0b1 | |
| parent | remove psql ensurePermissions (diff) | |
add pastor deployment
| -rw-r--r-- | flake.lock | 268 | ||||
| -rw-r--r-- | flake.nix | 3 | ||||
| -rw-r--r-- | modules/default.nix | 1 | ||||
| -rw-r--r-- | modules/pastor/default.nix | 25 |
4 files changed, 296 insertions, 1 deletions
@@ -37,6 +37,23 @@ "type": "github" } }, + "crane_2": { + "flake": false, + "locked": { + "lastModified": 1699217310, + "narHash": "sha256-xpW3VFUG7yE6UE6Wl0dhqencuENSkV7qpnpe9I8VbPw=", + "owner": "ipetkov", + "repo": "crane", + "rev": "d535642bbe6f377077f7c23f0febb78b1463f449", + "type": "github" + }, + "original": { + "owner": "ipetkov", + "ref": "v0.15.0", + "repo": "crane", + "type": "github" + } + }, "dream2nix": { "inputs": { "nixpkgs": [ @@ -61,6 +78,30 @@ "type": "github" } }, + "dream2nix_2": { + "inputs": { + "nixpkgs": [ + "pastor", + "nci", + "nixpkgs" + ], + "purescript-overlay": "purescript-overlay_2", + "pyproject-nix": "pyproject-nix_2" + }, + "locked": { + "lastModified": 1722526955, + "narHash": "sha256-fFS8aDnfK9Qfm2FLnQ8pqWk8FzvFEv5LvTuZTZLREnc=", + "owner": "nix-community", + "repo": "dream2nix", + "rev": "3fd4c14d3683baac8d1f94286ae14fe160888b51", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "dream2nix", + "type": "github" + } + }, "flake-parts": { "inputs": { "nixpkgs-lib": "nixpkgs-lib" @@ -113,6 +154,22 @@ "type": "github" } }, + "mk-naked-shell_2": { + "flake": false, + "locked": { + "lastModified": 1681286841, + "narHash": "sha256-3XlJrwlR0nBiREnuogoa5i1b4+w/XPe0z8bbrJASw0g=", + "owner": "yusdacra", + "repo": "mk-naked-shell", + "rev": "7612f828dd6f22b7fb332cc69440e839d7ffe6bd", + "type": "github" + }, + "original": { + "owner": "yusdacra", + "repo": "mk-naked-shell", + "type": "github" + } + }, "nci": { "inputs": { "crane": "crane", @@ -140,6 +197,33 @@ "type": "github" } }, + "nci_2": { + "inputs": { + "crane": "crane_2", + "dream2nix": "dream2nix_2", + "mk-naked-shell": "mk-naked-shell_2", + "nixpkgs": [ + "pastor", + "nixpkgs" + ], + "parts": "parts_3", + "rust-overlay": "rust-overlay_2", + "treefmt": "treefmt_2" + }, + "locked": { + "lastModified": 1723443288, + "narHash": "sha256-bP60+yYZsDttnQINxWVJHH3+kS4MkLBbJzwIL61knTY=", + "owner": "yusdacra", + "repo": "nix-cargo-integration", + "rev": "00702704ffd937a3cd2eafb80947a31f2c63cec5", + "type": "github" + }, + "original": { + "owner": "yusdacra", + "repo": "nix-cargo-integration", + "type": "github" + } + }, "nixinate": { "inputs": { "flake-parts": "flake-parts_2", @@ -253,6 +337,22 @@ "type": "github" } }, + "nixpkgs_4": { + "locked": { + "lastModified": 1723282977, + "narHash": "sha256-oTK91aOlA/4IsjNAZGMEBz7Sq1zBS0Ltu4/nIQdYDOg=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "a781ff33ae258bbcfd4ed6e673860c3e923bf2cc", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-24.05", + "repo": "nixpkgs", + "type": "github" + } + }, "parts": { "inputs": { "nixpkgs-lib": [ @@ -296,6 +396,70 @@ "type": "github" } }, + "parts_3": { + "inputs": { + "nixpkgs-lib": [ + "pastor", + "nci", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1722555600, + "narHash": "sha256-XOQkdLafnb/p9ij77byFQjDf5m5QYl9b2REiVClC+x4=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "8471fe90ad337a8074e957b69ca4d0089218391d", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "parts_4": { + "inputs": { + "nixpkgs-lib": [ + "pastor", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1722555600, + "narHash": "sha256-XOQkdLafnb/p9ij77byFQjDf5m5QYl9b2REiVClC+x4=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "8471fe90ad337a8074e957b69ca4d0089218391d", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "pastor": { + "inputs": { + "nci": "nci_2", + "nixpkgs": "nixpkgs_4", + "parts": "parts_4" + }, + "locked": { + "lastModified": 1723482736, + "narHash": "sha256-6A/xDPR6Ks8rmPj74mGcoApBddPzgKr5q/SO24zjbEw=", + "owner": "cocainefarm", + "repo": "pastor", + "rev": "ad9c820d64451e26d6b3101d1f0bb7e1d64b772b", + "type": "gitlab" + }, + "original": { + "owner": "cocainefarm", + "ref": "feature/nix", + "repo": "pastor", + "type": "gitlab" + } + }, "purescript-overlay": { "inputs": { "nixpkgs": [ @@ -320,6 +484,30 @@ "type": "github" } }, + "purescript-overlay_2": { + "inputs": { + "nixpkgs": [ + "pastor", + "nci", + "dream2nix", + "nixpkgs" + ], + "slimlock": "slimlock_2" + }, + "locked": { + "lastModified": 1696022621, + "narHash": "sha256-eMjFmsj2G1E0Q5XiibUNgFjTiSz0GxIeSSzzVdoN730=", + "owner": "thomashoneyman", + "repo": "purescript-overlay", + "rev": "047c7933abd6da8aa239904422e22d190ce55ead", + "type": "github" + }, + "original": { + "owner": "thomashoneyman", + "repo": "purescript-overlay", + "type": "github" + } + }, "pyproject-nix": { "flake": false, "locked": { @@ -337,6 +525,23 @@ "type": "github" } }, + "pyproject-nix_2": { + "flake": false, + "locked": { + "lastModified": 1702448246, + "narHash": "sha256-hFg5s/hoJFv7tDpiGvEvXP0UfFvFEDgTdyHIjDVHu1I=", + "owner": "davhau", + "repo": "pyproject.nix", + "rev": "5a06a2697b228c04dd2f35659b4b659ca74f7aeb", + "type": "github" + }, + "original": { + "owner": "davhau", + "ref": "dream2nix", + "repo": "pyproject.nix", + "type": "github" + } + }, "root": { "inputs": { "catinator": "catinator", @@ -344,6 +549,7 @@ "nixinate": "nixinate", "nixpkgs": "nixpkgs_3", "nixpkgs-unstable": "nixpkgs-unstable", + "pastor": "pastor", "secrets": "secrets" } }, @@ -363,6 +569,22 @@ "type": "github" } }, + "rust-overlay_2": { + "flake": false, + "locked": { + "lastModified": 1723429325, + "narHash": "sha256-4x/32xTCd+xCwFoI/kKSiCr5LQA2ZlyTRYXKEni5HR8=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "65e3dc0fe079fe8df087cd38f1fe6836a0373aad", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, "secrets": { "flake": false, "locked": { @@ -403,6 +625,30 @@ "type": "github" } }, + "slimlock_2": { + "inputs": { + "nixpkgs": [ + "pastor", + "nci", + "dream2nix", + "purescript-overlay", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1688610262, + "narHash": "sha256-Wg0ViDotFWGWqKIQzyYCgayeH8s4U1OZcTiWTQYdAp4=", + "owner": "thomashoneyman", + "repo": "slimlock", + "rev": "b5c6cdcaf636ebbebd0a1f32520929394493f1a6", + "type": "github" + }, + "original": { + "owner": "thomashoneyman", + "repo": "slimlock", + "type": "github" + } + }, "treefmt": { "inputs": { "nixpkgs": [ @@ -424,6 +670,28 @@ "repo": "treefmt-nix", "type": "github" } + }, + "treefmt_2": { + "inputs": { + "nixpkgs": [ + "pastor", + "nci", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1723402464, + "narHash": "sha256-xjunKUFQs9D7u0TpVoXhrRYb4tbVkutRoFUHj0lEydE=", + "owner": "numtide", + "repo": "treefmt-nix", + "rev": "c9f97032be6816fa234f24803b8ae79dc7753a91", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "treefmt-nix", + "type": "github" + } } }, "root": "root", @@ -11,6 +11,7 @@ }; catinator.url = "gitlab:cocainefarm/catinator"; + pastor.url = "gitlab:cocainefarm/pastor/feature/nix"; }; outputs = inputs@{ self, nixpkgs, nixpkgs-unstable, flake-parts, nixinate, ... }: @@ -52,7 +53,7 @@ nixosConfigurations = with self.nixosModules; { # vultr-image = mkSystem [ common users image vultr ]; - ettves = mkSystem [ (import ./machines/ettves) zfs teamspeak postgresql quassel powerdns acme authentik hydra homeassistant games languagetool git laplace catinator ]; + ettves = mkSystem [ (import ./machines/ettves) zfs teamspeak postgresql quassel powerdns acme authentik hydra homeassistant games languagetool git laplace catinator pastor ]; phaenn = mkSystem [ (import ./machines/phaenn) zfs acme tlmp ]; fra01 = mkSystem [ (import ./machines/fra01) vultr bgp powerdns acme garage ]; nyc01 = mkSystem [ (import ./machines/nyc01) vultr bgp powerdns acme garage ]; diff --git a/modules/default.nix b/modules/default.nix index 8bb7960..ee4129a 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -29,4 +29,5 @@ laplace = import ./laplace; catinator = import ./catinator; + pastor = import ./pastor; } diff --git a/modules/pastor/default.nix b/modules/pastor/default.nix new file mode 100644 index 0000000..ddb2628 --- /dev/null +++ b/modules/pastor/default.nix @@ -0,0 +1,25 @@ +{ self, config, lib, pkgs, pastor, ... }: + +{ + imports = [ pastor.nixosModules.default ]; + + services.pastor = {}; + + + security.acme.certs = { + "c-v.sh" = { + extraDomainNames = [ "*.c-v.sh" ]; + }; + }; + + services.nginx = { + enable = true; + virtualHosts = { + "c-v.sh" = (self.lib.nginx.proxyDomain "c-v.sh" "http://127.0.0.1:6881/") // { + extraConfig = '' + client_max_body_size 4G; + ''; + }; + }; + }; +} |