infra/systems/x86_64-linux/codex/default.nix
Jake Hamilton bf781e7f9e
All checks were successful
buildbot/nix-eval Build done.
feat: add codex
2024-08-20 15:09:43 -07:00

102 lines
2.1 KiB
Nix

# SPDX-FileCopyrightText: 2024 Auxolotl Infrastructure Contributors
#
# SPDX-License-Identifier: GPL-3.0-only
# codex
# 64.23.153.98
{ pkgs
, modulesPath
, config
, ...
}: {
imports = [
(modulesPath + "/virtualisation/digital-ocean-config.nix")
];
boot.loader.grub.enable = true;
virtualisation.digitalOcean.rebuildFromUserData = false;
networking.firewall.allowedTCPPorts = [
80
443
];
environment.systemPackages = with pkgs; [
neovim
];
auxolotl = {
nix.enable = true;
users.infra.enable = true;
security = {
doas.enable = true;
acme = {
enable = true;
email = "jake.hamilton@hey.com";
};
};
services = {
ssh.enable = true;
};
};
services = {
# Discourse 3.2.5 is intended to be used with PostgreSQL 13. If the Discourse package
# is updated, you may want to remove this line.
postgresql.package = pkgs.postgresql_13;
discourse = {
enable = true;
hostname = "forum.auxolotl.org";
admin = {
# We only want to create the admin account on the initial deployment. Now that one
# exists, we can skip this step.
skipCreate = true;
email = "jake.hamilton@hey.com";
username = "admin";
fullName = "Administrator";
passwordFile = "/var/lib/secrets/discourse-admin-password";
};
mail = {
# TODO: @minion needs to add an age secret here :)
};
plugins = with config.services.discourse.package.plugins; [
discourse-canned-replies
discourse-checklist
discourse-assign
discourse-voting
discourse-spoiler-alert
discourse-solved
];
};
nginx = {
enable = true;
virtualHosts = {
"aux.computer" = {
enableACME = true;
locations."/".return = "308 https://auxolotl.org/$request_uri";
};
"forum.aux.computer" = {
enableACME = true;
locations."/".return = "308 https://forum.auxolotl.org/$request_uri";
};
};
};
};
system.stateVersion = "23.11";
}