feat(tazjin/polyanka): deploy a tgsa instance

Change-Id: I8a32c093eb0ac8f6a0c3cfbb358d46d97d0c3b17
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5469
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
This commit is contained in:
Vincent Ambo 2022-04-16 22:21:51 +02:00 committed by tazjin
parent 792de59c64
commit 78c966dc78
3 changed files with 30 additions and 0 deletions

View file

@ -0,0 +1,2 @@
# Make readTree happy at this level.
_: { }

View file

@ -0,0 +1,24 @@
{ config, depot, lib, pkgs, ... }:
{
systemd.services.tgsa = {
description = "telegram -> SA bbcode thing";
wantedBy = [ "multi-user.target" ];
serviceConfig = {
DynamicUser = true;
Restart = "always";
ExecStart = "${depot.users.tazjin.tgsa}/bin/tgsa";
};
};
services.nginx.virtualHosts."tgsa" = {
serverName = "tgsa.tazj.in";
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://localhost:8472";
};
};
}

View file

@ -7,10 +7,13 @@ _: # ignore readTree options
let
mod = name: depot.path + ("/ops/modules/" + name);
usermod = name: depot.path + ("/users/tazjin/nixos/modules/" + name);
in
{
imports = [
(mod "quassel.nix")
(mod "www/base.nix")
(usermod "tgsa.nix")
];
# Use the GRUB 2 boot loader.
@ -63,6 +66,7 @@ in
defaultGateway6.address = "2a02:750:7:3305::1";
firewall.enable = true;
firewall.allowedTCPPorts = [ 22 80 443 ];
nameservers = [
"79.99.4.100"