diff options
| author | Vincent Ambo <tazjin@tvl.su> | 2023-09-22T16·51+0300 |
|---|---|---|
| committer | tazjin <tazjin@tvl.su> | 2023-09-22T17·52+0000 |
| commit | 6b607976ea6931f7c2f7404f9f974bfa01d937b2 (patch) | |
| tree | 5b00e88fc3f7472fde1427caf2a42ce84971c83d /ops | |
| parent | 9eede1c4df124c98bedb9b82827e25f011aadb76 (diff) | |
feat(ops): add nixery-01 instance for hosting nixery.dev r/6635
Change-Id: Ida21ac7240a532bb6063b362155f2b14b2859aae Reviewed-on: https://cl.tvl.fyi/c/depot/+/9426 Tested-by: BuildkiteCI Reviewed-by: flokli <flokli@flokli.de>
Diffstat (limited to 'ops')
| -rw-r--r-- | ops/machines/nixery-01/default.nix | 31 | ||||
| -rw-r--r-- | ops/nixos.nix | 3 |
2 files changed, 33 insertions, 1 deletions
diff --git a/ops/machines/nixery-01/default.nix b/ops/machines/nixery-01/default.nix new file mode 100644 index 0000000000..c7c8fd4b5e --- /dev/null +++ b/ops/machines/nixery-01/default.nix @@ -0,0 +1,31 @@ +# nixery.dev backing host in ru-central1-b +{ depot, lib, pkgs, ... }: # readTree options +{ config, ... }: # passed by module system + +let + mod = name: depot.path.origSrc + ("/ops/modules/" + name); +in +{ + imports = [ + (mod "known-hosts.nix") + (mod "nixery.nix") + (mod "tvl-users.nix") + (mod "www/nixery.dev.nix") + (mod "yandex-cloud.nix") + + (depot.third_party.agenix.src + "/modules/age.nix") + ]; + + networking = { + hostName = "nixery-01"; + domain = "tvl.fyi"; + firewall.allowedTCPPorts = [ 22 80 443 ]; + }; + + security.sudo.extraRules = lib.singleton { + groups = [ "wheel" ]; + commands = [{ command = "ALL"; options = [ "NOPASSWD" ]; }]; + }; + + services.depot.nixery.enable = true; +} diff --git a/ops/nixos.nix b/ops/nixos.nix index 309f122977..147a016efc 100644 --- a/ops/nixos.nix +++ b/ops/nixos.nix @@ -59,5 +59,6 @@ in rec { # Systems that should be built in CI whitbySystem = (nixosFor depot.ops.machines.whitby).system; sandunySystem = (nixosFor depot.ops.machines.sanduny).system; - meta.ci.targets = [ "sandunySystem" "whitbySystem" ]; + nixeryDev01System = (nixosFor depot.ops.machines.nixery-01).system; + meta.ci.targets = [ "sandunySystem" "whitbySystem" "nixeryDev01System" ]; } |