diff options
author | William Carroll <wpcarro@gmail.com> | 2021-12-24T17·56-0500 |
---|---|---|
committer | clbot <clbot@tvl.fyi> | 2021-12-24T18·11+0000 |
commit | fbfce6c2a0f08176194c39777d62c325ebb3fe5e (patch) | |
tree | aa54ed320d39174177d3c83290dfabfa731b28bc /users/wpcarro/nixos/diogenes/default.nix | |
parent | ea39c6bdfe12771910e3847de8b9393ca91101cb (diff) |
feat(wpcarro/irc): Support Quassel client/server r/3358
- server: diogenes - client: marcus Change-Id: Ifc3a58370f6d68aec35ef363a40d03a8429f8012 Reviewed-on: https://cl.tvl.fyi/c/depot/+/4579 Tested-by: BuildkiteCI Reviewed-by: wpcarro <wpcarro@gmail.com> Autosubmit: wpcarro <wpcarro@gmail.com>
Diffstat (limited to 'users/wpcarro/nixos/diogenes/default.nix')
-rw-r--r-- | users/wpcarro/nixos/diogenes/default.nix | 24 |
1 files changed, 20 insertions, 4 deletions
diff --git a/users/wpcarro/nixos/diogenes/default.nix b/users/wpcarro/nixos/diogenes/default.nix index d3de8890d3f2..5bcf404127a3 100644 --- a/users/wpcarro/nixos/diogenes/default.nix +++ b/users/wpcarro/nixos/diogenes/default.nix @@ -5,6 +5,7 @@ let inherit (depot.users.wpcarro) keys; in { imports = [ + "${depot.path}/ops/modules/quassel.nix" (pkgs.path + "/nixos/modules/virtualisation/google-compute-image.nix") ]; @@ -27,7 +28,7 @@ in { users = { wpcarro = { isNormalUser = true; - extraGroups = [ "wheel" ]; + extraGroups = [ "wheel" "quassel" ]; openssh.authorizedKeys.keys = keys.all; shell = pkgs.fish; }; @@ -35,9 +36,16 @@ in { }; security = { - # Provision SSL certificates to support HTTPS connections. - acme.acceptTerms = true; - acme.email = "wpcarro@gmail.com"; + acme = { + acceptTerms = true; + email = "wpcarro@gmail.com"; + + certs."quassel.wpcarro.dev" = { + email = "wpcarro@gmail.com"; + webroot = "/var/lib/acme/challenge-quassel"; + group = "quassel"; + }; + }; sudo.wheelNeedsPassword = false; }; @@ -62,6 +70,14 @@ in { preserveGenerations = "14d"; }; + depot.quassel = { + enable = true; + acmeHost = "quassel.wpcarro.dev"; + bindAddresses = [ + "0.0.0.0" + ]; + }; + journaldriver = { enable = true; logStream = "home"; |