feat(tazjin/nixos): run Radicle seed node & httpd on koptevo
Change-Id: Icd433f433c0abe8f54735ab45a636b4561fe8d3e Reviewed-on: https://cl.tvl.fyi/c/depot/+/12486 Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su>
This commit is contained in:
parent
0022285600
commit
af6dc48971
1 changed files with 41 additions and 0 deletions
|
@ -225,6 +225,47 @@ in
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# TODO(tazjin): move this to a module for radicle stuff
|
||||||
|
services.radicle = {
|
||||||
|
enable = true;
|
||||||
|
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILHs6jSvMdtu9oJCt48etEs8ExjfGY5PmWQsRzFleogS";
|
||||||
|
privateKeyFile = "/etc/secrets/radicle"; # TODO: to manage, or not to manage ...
|
||||||
|
|
||||||
|
settings = {
|
||||||
|
web.pinned.repositories = [
|
||||||
|
"rad:z2mdnBK1tX6pibdBfRct3ThCgheHu" # tvix-go
|
||||||
|
];
|
||||||
|
|
||||||
|
node = {
|
||||||
|
alias = "rad.tazj.in";
|
||||||
|
seedingPolicy.default = "block";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
node = {
|
||||||
|
openFirewall = true;
|
||||||
|
listenAddress = "[::]";
|
||||||
|
};
|
||||||
|
|
||||||
|
httpd = {
|
||||||
|
enable = true;
|
||||||
|
listenAddress = "127.0.0.1";
|
||||||
|
listenPort = 7235; # radl
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
services.nginx.virtualHosts."rad.tazj.in" = {
|
||||||
|
enableACME = true;
|
||||||
|
forceSSL = true;
|
||||||
|
locations."/".proxyPass = "http://127.0.0.1:7235";
|
||||||
|
};
|
||||||
|
|
||||||
|
services.nginx.virtualHosts."rad.y.tazj.in" = {
|
||||||
|
enableSSL = true;
|
||||||
|
useACMEHost = "y.tazj.in";
|
||||||
|
locations."/".proxyPass = "http://127.0.0.1:7235";
|
||||||
|
};
|
||||||
|
|
||||||
programs.mtr.enable = true;
|
programs.mtr.enable = true;
|
||||||
programs.mosh.enable = true;
|
programs.mosh.enable = true;
|
||||||
zramSwap.enable = true;
|
zramSwap.enable = true;
|
||||||
|
|
Loading…
Reference in a new issue