diff options
author | Vincent Ambo <tazjin@tvl.su> | 2024-09-14T22·24+0300 |
---|---|---|
committer | tazjin <tazjin@tvl.su> | 2024-09-14T23·47+0000 |
commit | af6dc4897132bb646f5740bd15a570cd50744c15 (patch) | |
tree | 592ef69e2a96fbd54e0d6cd3e6f2fac4cb6bc243 /users/tazjin/nixos/koptevo/default.nix | |
parent | 0022285600c5443b9709f5a60a33e38956e1eb14 (diff) |
feat(tazjin/nixos): run Radicle seed node & httpd on koptevo r/8694
Change-Id: Icd433f433c0abe8f54735ab45a636b4561fe8d3e Reviewed-on: https://cl.tvl.fyi/c/depot/+/12486 Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su>
Diffstat (limited to 'users/tazjin/nixos/koptevo/default.nix')
-rw-r--r-- | users/tazjin/nixos/koptevo/default.nix | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/users/tazjin/nixos/koptevo/default.nix b/users/tazjin/nixos/koptevo/default.nix index a8c98427d16b..7c94afe9f00f 100644 --- a/users/tazjin/nixos/koptevo/default.nix +++ b/users/tazjin/nixos/koptevo/default.nix @@ -225,6 +225,47 @@ in }; }; + # TODO(tazjin): move this to a module for radicle stuff + services.radicle = { + enable = true; + publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILHs6jSvMdtu9oJCt48etEs8ExjfGY5PmWQsRzFleogS"; + privateKeyFile = "/etc/secrets/radicle"; # TODO: to manage, or not to manage ... + + settings = { + web.pinned.repositories = [ + "rad:z2mdnBK1tX6pibdBfRct3ThCgheHu" # tvix-go + ]; + + node = { + alias = "rad.tazj.in"; + seedingPolicy.default = "block"; + }; + }; + + node = { + openFirewall = true; + listenAddress = "[::]"; + }; + + httpd = { + enable = true; + listenAddress = "127.0.0.1"; + listenPort = 7235; # radl + }; + }; + + services.nginx.virtualHosts."rad.tazj.in" = { + enableACME = true; + forceSSL = true; + locations."/".proxyPass = "http://127.0.0.1:7235"; + }; + + services.nginx.virtualHosts."rad.y.tazj.in" = { + enableSSL = true; + useACMEHost = "y.tazj.in"; + locations."/".proxyPass = "http://127.0.0.1:7235"; + }; + programs.mtr.enable = true; programs.mosh.enable = true; zramSwap.enable = true; |