clan/clan-infra
10
0
Fork 1
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Merge pull request 'test' (#2) from test into main
All checks were successful
build / test (push) Successful in 1m13s
Details

Browse Source 
Reviewed-on: #2
This commit is contained in:
Mic92 2023-07-13 09:37:56 +00:00
commit 5d496726ff
7 changed files with 38 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.gitea/workflows/check.yaml
View File

@ -6,4 +6,4 @@ jobs:
runs-on: nix runs-on: nix
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v3
- run: nix flake check -vL - run: nix flake check -L

2
README.md
View File

@ -4,8 +4,8 @@ This repository contains nixos modules and terraform code that powers clan.lol.
The website and git hosting is currently on [hetzner](https://www.hetzner.com/). The website and git hosting is currently on [hetzner](https://www.hetzner.com/).
## Servers ## Servers
- web01: - web01:
- soon to be replaced by baremetal hardware
- Instance type: CPX42 - Instance type: CPX42
- CPU: 8 vCPUs on AMD - CPU: 8 vCPUs on AMD
- RAM: 16GB - RAM: 16GB

44
flake.nix
View File

@ -37,7 +37,12 @@
outputs = inputs@{ flake-parts, ... }: outputs = inputs@{ flake-parts, ... }:
flake-parts.lib.mkFlake { inherit inputs; } ({ lib, ... }: { flake-parts.lib.mkFlake { inherit inputs; } ({ lib, ... }: {
systems = lib.systems.flakeExposed; systems = [
"x86_64-linux"
"aarch64-linux"
"aarch64-darwin"
"x86_64-darwin"
];
imports = [ imports = [
inputs.treefmt-nix.flakeModule inputs.treefmt-nix.flakeModule
./targets/flake-module.nix ./targets/flake-module.nix
@ -49,23 +54,26 @@
programs.terraform.enable = true; programs.terraform.enable = true;
programs.nixpkgs-fmt.enable = true; programs.nixpkgs-fmt.enable = true;
}; };
packages.actions-runner = pkgs.callPackage ./pkgs/actions-runner.nix { packages = {
inherit inputs; default = pkgs.mkShell {
}; packages = [
packages.gitea = pkgs.callPackage ./pkgs/gitea {}; pkgs.bashInteractive
packages.default = pkgs.mkShell { pkgs.sops
packages = [ (pkgs.terraform.withPlugins (p: [
pkgs.bashInteractive p.namecheap
pkgs.sops p.netlify
(pkgs.terraform.withPlugins (p: [ p.hcloud
p.namecheap p.null
p.netlify p.external
p.hcloud p.local
p.null ]))
p.external ];
p.local };
])) } // lib.optionalAttrs (!pkgs.stdenv.isDarwin) {
]; gitea = pkgs.callPackage ./pkgs/gitea { };
actions-runner = pkgs.callPackage ./pkgs/actions-runner.nix {
inherit inputs;
};
}; };
}; };
}); });

3
modules/web01/gitea/actions-runner.nix
View File

@ -2,7 +2,8 @@
let let
inherit (self.packages.${pkgs.hostPlatform.system}) actions-runner; inherit (self.packages.${pkgs.hostPlatform.system}) actions-runner;
in { in
{
systemd.services.gitea-actions-runner-nix-image = { systemd.services.gitea-actions-runner-nix-image = {
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
script = '' script = ''

4
pkgs/zerotier-tcp-proxy.nix
View File

@ -9,8 +9,8 @@ stdenv.mkDerivation {
}; };
patches = [ patches = [
(fetchpatch { (fetchpatch {
url = "https://github.com/zerotier/ZeroTierOne/commit/dd2006d494e85a41d8b818b37460e7cf458a2aee.patch"; url = "https://github.com/zerotier/ZeroTierOne/commit/dd2006d494e85a41d8b818b37460e7cf458a2aee.patch";
hash = "sha256-nuao04pDha7h62RHviUZYx21p6bNOyiU78kBBq2o2Rs="; hash = "sha256-nuao04pDha7h62RHviUZYx21p6bNOyiU78kBBq2o2Rs=";
}) })
]; ];
buildPhase = '' buildPhase = ''

4
pkgs/zt-tcp-relay.nix
View File

@ -18,8 +18,8 @@ rustPlatform.buildRustPackage {
patches = [ patches = [
# https://github.com/alexander-akhmetov/zt-tcp-relay/pull/19 # https://github.com/alexander-akhmetov/zt-tcp-relay/pull/19
(fetchpatch { (fetchpatch {
url = "https://github.com/alexander-akhmetov/zt-tcp-relay/commit/69f0a4f1f210dcd7a305036d4737d9a29215824d.patch"; url = "https://github.com/alexander-akhmetov/zt-tcp-relay/commit/69f0a4f1f210dcd7a305036d4737d9a29215824d.patch";
hash = "sha256-kqZS9IjwEggLE6CQFaacL2TyTUn0PQCz1TPdoZdDrk0="; hash = "sha256-kqZS9IjwEggLE6CQFaacL2TyTUn0PQCz1TPdoZdDrk0=";
}) })
]; ];

2
terraform/web01/dns.tf
View File

@ -86,7 +86,7 @@ resource "netlify_dns_record" "dkim" {
hostname = "v1._domainkey.${var.domain}" hostname = "v1._domainkey.${var.domain}"
type = "TXT" type = "TXT"
# take from `systemctl status opendkim` # take from `systemctl status opendkim`
value = "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDTFSkQcM0v6mC4kiWEoF/EgK/hPVgOBJlHesLVIe+8BmidylaUowKlyC2gECipXhoVX9++OfMFAKNtGrIJcCTVNH/DRGkhbHLSxzzXijCbJ7G/fjpHRifpxMydEmybQDKdidR44YMR74Aj0OwUEgu+N/yJZ2+ubOlstW0fZJaJwQIDAQAB" value = "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDTFSkQcM0v6mC4kiWEoF/EgK/hPVgOBJlHesLVIe+8BmidylaUowKlyC2gECipXhoVX9++OfMFAKNtGrIJcCTVNH/DRGkhbHLSxzzXijCbJ7G/fjpHRifpxMydEmybQDKdidR44YMR74Aj0OwUEgu+N/yJZ2+ubOlstW0fZJaJwQIDAQAB"
} }
resource "netlify_dns_record" "adsp" { resource "netlify_dns_record" "adsp" {