Diffstat (limited to 'users/grfn/bbbg/tf.nix')
-rw-r--r--users/grfn/bbbg/tf.nix96
1 files changed, 0 insertions, 96 deletions
diff --git a/users/grfn/bbbg/tf.nix b/users/grfn/bbbg/tf.nix
deleted file mode 100644
index d5b19d9ebc88..000000000000
--- a/users/grfn/bbbg/tf.nix
+++ /dev/null
@@ -1,96 +0,0 @@
-{ depot, ... }:
-
-let
-  inherit (depot.users.grfn)
-    terraform
-    ;
-
-in
-terraform.workspace "bbbg"
-{
-  plugins = (p: with p; [
-    aws
-    cloudflare
-  ]);
-}
-{
-  machine = terraform.nixosMachine {
-    name = "bbbg";
-    instanceType = "t3a.small";
-    rootVolumeSizeGb = 250;
-    extraIngressPorts = [ 80 443 ];
-    configuration = { pkgs, lib, config, depot, ... }: {
-      imports = [
-        ./module.nix
-        "${depot.third_party.agenix.src}/modules/age.nix"
-      ];
-
-      services.openssh.enable = true;
-
-      services.nginx = {
-        enable = true;
-        recommendedTlsSettings = true;
-        recommendedOptimisation = true;
-        recommendedGzipSettings = true;
-        recommendedProxySettings = true;
-      };
-
-      networking.firewall.enable = false;
-
-      programs.zsh.enable = true;
-
-      users.users.grfn = {
-        isNormalUser = true;
-        initialPassword = "password";
-        extraGroups = [
-          "wheel"
-          "networkmanager"
-          "audio"
-          "docker"
-        ];
-        shell = pkgs.zsh;
-        openssh.authorizedKeys.keys = [
-          depot.users.grfn.keys.main
-        ];
-      };
-
-      security.sudo.extraRules = [{
-        groups = [ "wheel" ];
-        commands = [{ command = "ALL"; options = [ "NOPASSWD" ]; }];
-      }];
-
-      nix.gc = {
-        automatic = true;
-        dates = "weekly";
-        options = "--delete-older-than 30d";
-      };
-
-      age.secrets = {
-        bbbg.file =
-          depot.users.grfn.secrets."bbbg.age";
-      };
-
-      services.bbbg.enable = true;
-      services.bbbg.database.enable = true;
-      services.bbbg.proxy.enable = true;
-      services.bbbg.domain = "bbbg.gws.fyi";
-
-      security.acme.defaults.email = "root@gws.fyi";
-      security.acme.acceptTerms = true;
-    };
-  };
-
-  dns = {
-    data.cloudflare_zone.gws-fyi = {
-      name = "gws.fyi";
-    };
-
-    resource.cloudflare_record.bbbg = {
-      zone_id = "\${data.cloudflare_zone.gws-fyi.id}";
-      name = "bbbg";
-      type = "A";
-      value = "\${aws_instance.bbbg_machine.public_ip}";
-      proxied = false;
-    };
-  };
-}