feat(tazjin/polyanka): deploy a tgsa instance
Change-Id: I8a32c093eb0ac8f6a0c3cfbb358d46d97d0c3b17 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5469 Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su>
This commit is contained in:
parent
792de59c64
commit
78c966dc78
3 changed files with 30 additions and 0 deletions
2
users/tazjin/nixos/modules/default.nix
Normal file
2
users/tazjin/nixos/modules/default.nix
Normal file
|
@ -0,0 +1,2 @@
|
|||
# Make readTree happy at this level.
|
||||
_: { }
|
24
users/tazjin/nixos/modules/tgsa.nix
Normal file
24
users/tazjin/nixos/modules/tgsa.nix
Normal file
|
@ -0,0 +1,24 @@
|
|||
{ config, depot, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
systemd.services.tgsa = {
|
||||
description = "telegram -> SA bbcode thing";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
||||
serviceConfig = {
|
||||
DynamicUser = true;
|
||||
Restart = "always";
|
||||
ExecStart = "${depot.users.tazjin.tgsa}/bin/tgsa";
|
||||
};
|
||||
};
|
||||
|
||||
services.nginx.virtualHosts."tgsa" = {
|
||||
serverName = "tgsa.tazj.in";
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
|
||||
locations."/" = {
|
||||
proxyPass = "http://localhost:8472";
|
||||
};
|
||||
};
|
||||
}
|
|
@ -7,10 +7,13 @@ _: # ignore readTree options
|
|||
|
||||
let
|
||||
mod = name: depot.path + ("/ops/modules/" + name);
|
||||
usermod = name: depot.path + ("/users/tazjin/nixos/modules/" + name);
|
||||
in
|
||||
{
|
||||
imports = [
|
||||
(mod "quassel.nix")
|
||||
(mod "www/base.nix")
|
||||
(usermod "tgsa.nix")
|
||||
];
|
||||
|
||||
# Use the GRUB 2 boot loader.
|
||||
|
@ -63,6 +66,7 @@ in
|
|||
defaultGateway6.address = "2a02:750:7:3305::1";
|
||||
|
||||
firewall.enable = true;
|
||||
firewall.allowedTCPPorts = [ 22 80 443 ];
|
||||
|
||||
nameservers = [
|
||||
"79.99.4.100"
|
||||
|
|
Loading…
Reference in a new issue