2024-08-20 22:09:43 +00:00
|
|
|
# SPDX-FileCopyrightText: 2024 Auxolotl Infrastructure Contributors
|
|
|
|
#
|
|
|
|
# SPDX-License-Identifier: GPL-3.0-only
|
|
|
|
|
|
|
|
# codex
|
|
|
|
# 64.23.153.98
|
|
|
|
{ pkgs
|
|
|
|
, modulesPath
|
|
|
|
, config
|
2024-08-20 22:38:54 +00:00
|
|
|
, lib
|
2024-08-20 22:09:43 +00:00
|
|
|
, ...
|
|
|
|
}: {
|
|
|
|
imports = [
|
|
|
|
(modulesPath + "/virtualisation/digital-ocean-config.nix")
|
|
|
|
];
|
|
|
|
|
|
|
|
boot.loader.grub.enable = true;
|
|
|
|
|
|
|
|
virtualisation.digitalOcean.rebuildFromUserData = false;
|
|
|
|
|
|
|
|
networking.firewall.allowedTCPPorts = [
|
|
|
|
80
|
|
|
|
443
|
|
|
|
];
|
|
|
|
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
|
|
neovim
|
|
|
|
];
|
|
|
|
|
|
|
|
auxolotl = {
|
|
|
|
nix.enable = true;
|
|
|
|
|
|
|
|
users.infra.enable = true;
|
|
|
|
|
|
|
|
security = {
|
|
|
|
doas.enable = true;
|
|
|
|
|
|
|
|
acme = {
|
|
|
|
enable = true;
|
|
|
|
email = "jake.hamilton@hey.com";
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
services = {
|
|
|
|
ssh.enable = true;
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
services = {
|
|
|
|
# Discourse 3.2.5 is intended to be used with PostgreSQL 13. If the Discourse package
|
|
|
|
# is updated, you may want to remove this line.
|
|
|
|
postgresql.package = pkgs.postgresql_13;
|
|
|
|
|
|
|
|
discourse = {
|
|
|
|
enable = true;
|
|
|
|
hostname = "forum.auxolotl.org";
|
|
|
|
|
|
|
|
admin = {
|
|
|
|
# We only want to create the admin account on the initial deployment. Now that one
|
|
|
|
# exists, we can skip this step.
|
|
|
|
skipCreate = true;
|
|
|
|
|
|
|
|
email = "jake.hamilton@hey.com";
|
|
|
|
username = "admin";
|
|
|
|
fullName = "Administrator";
|
|
|
|
passwordFile = "/var/lib/secrets/discourse-admin-password";
|
|
|
|
};
|
|
|
|
|
|
|
|
mail = {
|
|
|
|
# TODO: @minion needs to add an age secret here :)
|
|
|
|
};
|
|
|
|
|
|
|
|
plugins = with config.services.discourse.package.plugins; [
|
|
|
|
discourse-canned-replies
|
|
|
|
discourse-checklist
|
|
|
|
discourse-assign
|
|
|
|
discourse-voting
|
|
|
|
discourse-spoiler-alert
|
|
|
|
discourse-solved
|
|
|
|
];
|
|
|
|
};
|
|
|
|
|
|
|
|
nginx = {
|
|
|
|
enable = true;
|
|
|
|
|
|
|
|
virtualHosts = {
|
|
|
|
"aux.computer" = {
|
|
|
|
enableACME = true;
|
2024-08-20 22:38:54 +00:00
|
|
|
forceSSL = true;
|
|
|
|
globalRedirect = "auxolotl.org";
|
|
|
|
redirectCode = 308;
|
2024-08-20 22:09:43 +00:00
|
|
|
};
|
|
|
|
"forum.aux.computer" = {
|
|
|
|
enableACME = true;
|
2024-08-20 22:38:54 +00:00
|
|
|
forceSSL = true;
|
|
|
|
globalRedirect = "forum.auxolotl.org";
|
|
|
|
redirectCode = 308;
|
2024-08-20 22:09:43 +00:00
|
|
|
};
|
|
|
|
};
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
system.stateVersion = "23.11";
|
|
|
|
}
|