about summary refs log tree commit diff
path: root/users/wpcarro/nixos/diogenes/default.nix
diff options
context:
space:
mode:
authorWilliam Carroll <wpcarro@gmail.com>2021-12-24T17·56-0500
committerclbot <clbot@tvl.fyi>2021-12-24T18·11+0000
commitfbfce6c2a0f08176194c39777d62c325ebb3fe5e (patch)
treeaa54ed320d39174177d3c83290dfabfa731b28bc /users/wpcarro/nixos/diogenes/default.nix
parentea39c6bdfe12771910e3847de8b9393ca91101cb (diff)
feat(wpcarro/irc): Support Quassel client/server r/3358
- server: diogenes
- client: marcus

Change-Id: Ifc3a58370f6d68aec35ef363a40d03a8429f8012
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4579
Tested-by: BuildkiteCI
Reviewed-by: wpcarro <wpcarro@gmail.com>
Autosubmit: wpcarro <wpcarro@gmail.com>
Diffstat (limited to 'users/wpcarro/nixos/diogenes/default.nix')
-rw-r--r--users/wpcarro/nixos/diogenes/default.nix24
1 files changed, 20 insertions, 4 deletions
diff --git a/users/wpcarro/nixos/diogenes/default.nix b/users/wpcarro/nixos/diogenes/default.nix
index d3de8890d3f2..5bcf404127a3 100644
--- a/users/wpcarro/nixos/diogenes/default.nix
+++ b/users/wpcarro/nixos/diogenes/default.nix
@@ -5,6 +5,7 @@ let
   inherit (depot.users.wpcarro) keys;
 in {
   imports = [
+    "${depot.path}/ops/modules/quassel.nix"
     (pkgs.path + "/nixos/modules/virtualisation/google-compute-image.nix")
   ];
 
@@ -27,7 +28,7 @@ in {
     users = {
       wpcarro = {
         isNormalUser = true;
-        extraGroups = [ "wheel" ];
+        extraGroups = [ "wheel" "quassel" ];
         openssh.authorizedKeys.keys = keys.all;
         shell = pkgs.fish;
       };
@@ -35,9 +36,16 @@ in {
   };
 
   security = {
-    # Provision SSL certificates to support HTTPS connections.
-    acme.acceptTerms = true;
-    acme.email = "wpcarro@gmail.com";
+    acme = {
+      acceptTerms = true;
+      email = "wpcarro@gmail.com";
+
+      certs."quassel.wpcarro.dev" = {
+        email = "wpcarro@gmail.com";
+        webroot = "/var/lib/acme/challenge-quassel";
+        group = "quassel";
+      };
+    };
 
     sudo.wheelNeedsPassword = false;
   };
@@ -62,6 +70,14 @@ in {
       preserveGenerations = "14d";
     };
 
+    depot.quassel = {
+      enable = true;
+      acmeHost = "quassel.wpcarro.dev";
+      bindAddresses = [
+        "0.0.0.0"
+      ];
+    };
+
     journaldriver = {
       enable = true;
       logStream = "home";