forked from clan/clan-infra
Merge pull request 'test' (#2) from test into main
Reviewed-on: clan/clan-infra#2
This commit is contained in:
commit
5d496726ff
@ -6,4 +6,4 @@ jobs:
|
||||
runs-on: nix
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- run: nix flake check -vL
|
||||
- run: nix flake check -L
|
||||
|
@ -4,8 +4,8 @@ This repository contains nixos modules and terraform code that powers clan.lol.
|
||||
The website and git hosting is currently on [hetzner](https://www.hetzner.com/).
|
||||
|
||||
## Servers
|
||||
|
||||
- web01:
|
||||
- soon to be replaced by baremetal hardware
|
||||
- Instance type: CPX42
|
||||
- CPU: 8 vCPUs on AMD
|
||||
- RAM: 16GB
|
||||
|
44
flake.nix
44
flake.nix
@ -37,7 +37,12 @@
|
||||
|
||||
outputs = inputs@{ flake-parts, ... }:
|
||||
flake-parts.lib.mkFlake { inherit inputs; } ({ lib, ... }: {
|
||||
systems = lib.systems.flakeExposed;
|
||||
systems = [
|
||||
"x86_64-linux"
|
||||
"aarch64-linux"
|
||||
"aarch64-darwin"
|
||||
"x86_64-darwin"
|
||||
];
|
||||
imports = [
|
||||
inputs.treefmt-nix.flakeModule
|
||||
./targets/flake-module.nix
|
||||
@ -49,23 +54,26 @@
|
||||
programs.terraform.enable = true;
|
||||
programs.nixpkgs-fmt.enable = true;
|
||||
};
|
||||
packages.actions-runner = pkgs.callPackage ./pkgs/actions-runner.nix {
|
||||
inherit inputs;
|
||||
};
|
||||
packages.gitea = pkgs.callPackage ./pkgs/gitea {};
|
||||
packages.default = pkgs.mkShell {
|
||||
packages = [
|
||||
pkgs.bashInteractive
|
||||
pkgs.sops
|
||||
(pkgs.terraform.withPlugins (p: [
|
||||
p.namecheap
|
||||
p.netlify
|
||||
p.hcloud
|
||||
p.null
|
||||
p.external
|
||||
p.local
|
||||
]))
|
||||
];
|
||||
packages = {
|
||||
default = pkgs.mkShell {
|
||||
packages = [
|
||||
pkgs.bashInteractive
|
||||
pkgs.sops
|
||||
(pkgs.terraform.withPlugins (p: [
|
||||
p.namecheap
|
||||
p.netlify
|
||||
p.hcloud
|
||||
p.null
|
||||
p.external
|
||||
p.local
|
||||
]))
|
||||
];
|
||||
};
|
||||
} // lib.optionalAttrs (!pkgs.stdenv.isDarwin) {
|
||||
gitea = pkgs.callPackage ./pkgs/gitea { };
|
||||
actions-runner = pkgs.callPackage ./pkgs/actions-runner.nix {
|
||||
inherit inputs;
|
||||
};
|
||||
};
|
||||
};
|
||||
});
|
||||
|
@ -2,7 +2,8 @@
|
||||
|
||||
let
|
||||
inherit (self.packages.${pkgs.hostPlatform.system}) actions-runner;
|
||||
in {
|
||||
in
|
||||
{
|
||||
systemd.services.gitea-actions-runner-nix-image = {
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
script = ''
|
||||
@ -39,12 +40,12 @@ in {
|
||||
virtualisation.podman.enable = true;
|
||||
|
||||
systemd.services.gitea-runner-nix = {
|
||||
after = [
|
||||
after = [
|
||||
"gitea-actions-runner-nix-token.service"
|
||||
"gitea-actions-runner-nix-image.service"
|
||||
];
|
||||
requires = [
|
||||
"gitea-actions-runner-nix-token.service"
|
||||
requires = [
|
||||
"gitea-actions-runner-nix-token.service"
|
||||
"gitea-actions-runner-nix-image.service"
|
||||
];
|
||||
};
|
||||
|
@ -9,8 +9,8 @@ stdenv.mkDerivation {
|
||||
};
|
||||
patches = [
|
||||
(fetchpatch {
|
||||
url = "https://github.com/zerotier/ZeroTierOne/commit/dd2006d494e85a41d8b818b37460e7cf458a2aee.patch";
|
||||
hash = "sha256-nuao04pDha7h62RHviUZYx21p6bNOyiU78kBBq2o2Rs=";
|
||||
url = "https://github.com/zerotier/ZeroTierOne/commit/dd2006d494e85a41d8b818b37460e7cf458a2aee.patch";
|
||||
hash = "sha256-nuao04pDha7h62RHviUZYx21p6bNOyiU78kBBq2o2Rs=";
|
||||
})
|
||||
];
|
||||
buildPhase = ''
|
||||
|
@ -18,8 +18,8 @@ rustPlatform.buildRustPackage {
|
||||
patches = [
|
||||
# https://github.com/alexander-akhmetov/zt-tcp-relay/pull/19
|
||||
(fetchpatch {
|
||||
url = "https://github.com/alexander-akhmetov/zt-tcp-relay/commit/69f0a4f1f210dcd7a305036d4737d9a29215824d.patch";
|
||||
hash = "sha256-kqZS9IjwEggLE6CQFaacL2TyTUn0PQCz1TPdoZdDrk0=";
|
||||
url = "https://github.com/alexander-akhmetov/zt-tcp-relay/commit/69f0a4f1f210dcd7a305036d4737d9a29215824d.patch";
|
||||
hash = "sha256-kqZS9IjwEggLE6CQFaacL2TyTUn0PQCz1TPdoZdDrk0=";
|
||||
})
|
||||
];
|
||||
|
||||
|
@ -86,7 +86,7 @@ resource "netlify_dns_record" "dkim" {
|
||||
hostname = "v1._domainkey.${var.domain}"
|
||||
type = "TXT"
|
||||
# take from `systemctl status opendkim`
|
||||
value = "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDTFSkQcM0v6mC4kiWEoF/EgK/hPVgOBJlHesLVIe+8BmidylaUowKlyC2gECipXhoVX9++OfMFAKNtGrIJcCTVNH/DRGkhbHLSxzzXijCbJ7G/fjpHRifpxMydEmybQDKdidR44YMR74Aj0OwUEgu+N/yJZ2+ubOlstW0fZJaJwQIDAQAB"
|
||||
value = "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDTFSkQcM0v6mC4kiWEoF/EgK/hPVgOBJlHesLVIe+8BmidylaUowKlyC2gECipXhoVX9++OfMFAKNtGrIJcCTVNH/DRGkhbHLSxzzXijCbJ7G/fjpHRifpxMydEmybQDKdidR44YMR74Aj0OwUEgu+N/yJZ2+ubOlstW0fZJaJwQIDAQAB"
|
||||
}
|
||||
|
||||
resource "netlify_dns_record" "adsp" {
|
||||
|
Loading…
Reference in New Issue
Block a user