feat: add codex

flake.lock

@@ -776,16 +776,16 @@
     },
     "nixpkgs_4": {
       "locked": {
-        "lastModified": 1721743106,
+        "lastModified": 1723938990,
-        "narHash": "sha256-adRZhFpBTnHiK3XIELA3IBaApz70HwCYfv7xNrHjebA=",
+        "narHash": "sha256-9tUadhnZQbWIiYVXH8ncfGXGvkNq3Hag4RCBEMUk7MI=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "dc14ed91132ee3a26255d01d8fd0c1f5bff27b2f",
+        "rev": "c42fcfbdfeae23e68fc520f9182dde9f38ad1890",
         "type": "github"
       },
       "original": {
         "owner": "nixos",
-        "ref": "nixos-unstable",
+        "ref": "nixos-24.05",
         "repo": "nixpkgs",
         "type": "github"
       }

flake.nix

@@ -6,7 +6,7 @@
   description = "Auxolotl infrastructure.";
 
   inputs = {
-    nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
+    nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05";
     unstable.url = "github:nixos/nixpkgs/nixos-unstable";
     snowfall-lib = {
       url = "github:snowfallorg/lib";
@@ -73,6 +73,7 @@
         overrides = {
           axol.hostname = "137.184.177.239";
           baxter.hostname = "209.38.149.197";
+					codex.hostname = "64.23.153.98";
         };
       };
 

modules/nixos/auxolotl/services/forge/default.nix

@@ -38,7 +38,7 @@ in {
 
       lfs.enable = true;
 
-      secrets.mailer.PASSWD = "/var/lib/secrets/forgejo-smtp-password";
+			mailerPasswordFile = "/var/lib/secrets/forgejo-smtp-password";
 
       database = {
         type = "postgres";

overlays/buildbot/default.nix

@@ -0,0 +1,4 @@
+{ channels, ... }:
+final: prev: {
+  inherit (channels.unstable) buildbot;
+}

systems/x86_64-linux/codex/default.nix

@@ -0,0 +1,101 @@
+# SPDX-FileCopyrightText: 2024 Auxolotl Infrastructure Contributors
+#
+# SPDX-License-Identifier: GPL-3.0-only
+
+# codex
+# 64.23.153.98
+{ pkgs
+, modulesPath
+, config
+, ...
+}: {
+  imports = [
+    (modulesPath + "/virtualisation/digital-ocean-config.nix")
+  ];
+
+  boot.loader.grub.enable = true;
+
+  virtualisation.digitalOcean.rebuildFromUserData = false;
+
+  networking.firewall.allowedTCPPorts = [
+    80
+    443
+  ];
+
+  environment.systemPackages = with pkgs; [
+    neovim
+  ];
+
+  auxolotl = {
+    nix.enable = true;
+
+    users.infra.enable = true;
+
+    security = {
+      doas.enable = true;
+
+      acme = {
+        enable = true;
+        email = "jake.hamilton@hey.com";
+      };
+    };
+
+    services = {
+      ssh.enable = true;
+    };
+  };
+
+  services = {
+    # Discourse 3.2.5 is intended to be used with PostgreSQL 13. If the Discourse package
+    # is updated, you may want to remove this line.
+    postgresql.package = pkgs.postgresql_13;
+
+    discourse = {
+      enable = true;
+      hostname = "forum.auxolotl.org";
+
+      admin = {
+        # We only want to create the admin account on the initial deployment. Now that one
+        # exists, we can skip this step.
+        skipCreate = true;
+
+        email = "jake.hamilton@hey.com";
+        username = "admin";
+        fullName = "Administrator";
+        passwordFile = "/var/lib/secrets/discourse-admin-password";
+      };
+
+      mail = {
+        # TODO: @minion needs to add an age secret here :)
+      };
+
+      plugins = with config.services.discourse.package.plugins; [
+        discourse-canned-replies
+        discourse-checklist
+        discourse-assign
+        discourse-voting
+        discourse-spoiler-alert
+        discourse-solved
+      ];
+    };
+
+    nginx = {
+      enable = true;
+
+      virtualHosts = {
+        "aux.computer" = {
+          enableACME = true;
+          locations."/".return = "308 https://auxolotl.org/$request_uri";
+        };
+
+        "forum.aux.computer" = {
+          enableACME = true;
+          locations."/".return = "308 https://forum.auxolotl.org/$request_uri";
+        };
+      };
+    };
+  };
+
+
+  system.stateVersion = "23.11";
+}