From 78c966dc78e12bd00cac3987f4f221a760850010 Mon Sep 17 00:00:00 2001 From: Vincent Ambo Date: Sat, 16 Apr 2022 22:21:51 +0200 Subject: [PATCH] feat(tazjin/polyanka): deploy a tgsa instance Change-Id: I8a32c093eb0ac8f6a0c3cfbb358d46d97d0c3b17 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5469 Tested-by: BuildkiteCI Reviewed-by: tazjin --- users/tazjin/nixos/modules/default.nix | 2 ++ users/tazjin/nixos/modules/tgsa.nix | 24 ++++++++++++++++++++++++ users/tazjin/nixos/polyanka/default.nix | 4 ++++ 3 files changed, 30 insertions(+) create mode 100644 users/tazjin/nixos/modules/default.nix create mode 100644 users/tazjin/nixos/modules/tgsa.nix diff --git a/users/tazjin/nixos/modules/default.nix b/users/tazjin/nixos/modules/default.nix new file mode 100644 index 000000000..d747e8e13 --- /dev/null +++ b/users/tazjin/nixos/modules/default.nix @@ -0,0 +1,2 @@ +# Make readTree happy at this level. +_: { } diff --git a/users/tazjin/nixos/modules/tgsa.nix b/users/tazjin/nixos/modules/tgsa.nix new file mode 100644 index 000000000..82b2bec44 --- /dev/null +++ b/users/tazjin/nixos/modules/tgsa.nix @@ -0,0 +1,24 @@ +{ config, depot, lib, pkgs, ... }: + +{ + systemd.services.tgsa = { + description = "telegram -> SA bbcode thing"; + wantedBy = [ "multi-user.target" ]; + + serviceConfig = { + DynamicUser = true; + Restart = "always"; + ExecStart = "${depot.users.tazjin.tgsa}/bin/tgsa"; + }; + }; + + services.nginx.virtualHosts."tgsa" = { + serverName = "tgsa.tazj.in"; + enableACME = true; + forceSSL = true; + + locations."/" = { + proxyPass = "http://localhost:8472"; + }; + }; +} diff --git a/users/tazjin/nixos/polyanka/default.nix b/users/tazjin/nixos/polyanka/default.nix index 7d25be148..87a36408c 100644 --- a/users/tazjin/nixos/polyanka/default.nix +++ b/users/tazjin/nixos/polyanka/default.nix @@ -7,10 +7,13 @@ _: # ignore readTree options let mod = name: depot.path + ("/ops/modules/" + name); + usermod = name: depot.path + ("/users/tazjin/nixos/modules/" + name); in { imports = [ (mod "quassel.nix") + (mod "www/base.nix") + (usermod "tgsa.nix") ]; # Use the GRUB 2 boot loader. @@ -63,6 +66,7 @@ in defaultGateway6.address = "2a02:750:7:3305::1"; firewall.enable = true; + firewall.allowedTCPPorts = [ 22 80 443 ]; nameservers = [ "79.99.4.100"