feat(tazjin/polyanka): deploy a tgsa instance
Change-Id: I8a32c093eb0ac8f6a0c3cfbb358d46d97d0c3b17 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5469 Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su>
This commit is contained in:
parent
792de59c64
commit
78c966dc78
3 changed files with 30 additions and 0 deletions
2
users/tazjin/nixos/modules/default.nix
Normal file
2
users/tazjin/nixos/modules/default.nix
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
# Make readTree happy at this level.
|
||||||
|
_: { }
|
24
users/tazjin/nixos/modules/tgsa.nix
Normal file
24
users/tazjin/nixos/modules/tgsa.nix
Normal file
|
@ -0,0 +1,24 @@
|
||||||
|
{ config, depot, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
systemd.services.tgsa = {
|
||||||
|
description = "telegram -> SA bbcode thing";
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
|
||||||
|
serviceConfig = {
|
||||||
|
DynamicUser = true;
|
||||||
|
Restart = "always";
|
||||||
|
ExecStart = "${depot.users.tazjin.tgsa}/bin/tgsa";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
services.nginx.virtualHosts."tgsa" = {
|
||||||
|
serverName = "tgsa.tazj.in";
|
||||||
|
enableACME = true;
|
||||||
|
forceSSL = true;
|
||||||
|
|
||||||
|
locations."/" = {
|
||||||
|
proxyPass = "http://localhost:8472";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -7,10 +7,13 @@ _: # ignore readTree options
|
||||||
|
|
||||||
let
|
let
|
||||||
mod = name: depot.path + ("/ops/modules/" + name);
|
mod = name: depot.path + ("/ops/modules/" + name);
|
||||||
|
usermod = name: depot.path + ("/users/tazjin/nixos/modules/" + name);
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
(mod "quassel.nix")
|
(mod "quassel.nix")
|
||||||
|
(mod "www/base.nix")
|
||||||
|
(usermod "tgsa.nix")
|
||||||
];
|
];
|
||||||
|
|
||||||
# Use the GRUB 2 boot loader.
|
# Use the GRUB 2 boot loader.
|
||||||
|
@ -63,6 +66,7 @@ in
|
||||||
defaultGateway6.address = "2a02:750:7:3305::1";
|
defaultGateway6.address = "2a02:750:7:3305::1";
|
||||||
|
|
||||||
firewall.enable = true;
|
firewall.enable = true;
|
||||||
|
firewall.allowedTCPPorts = [ 22 80 443 ];
|
||||||
|
|
||||||
nameservers = [
|
nameservers = [
|
||||||
"79.99.4.100"
|
"79.99.4.100"
|
||||||
|
|
Loading…
Reference in a new issue