about summary refs log tree commit diff
path: root/users/tazjin/nixos
diff options
context:
space:
mode:
Diffstat (limited to 'users/tazjin/nixos')
-rw-r--r--users/tazjin/nixos/modules/default.nix2
-rw-r--r--users/tazjin/nixos/modules/tgsa.nix24
-rw-r--r--users/tazjin/nixos/polyanka/default.nix4
3 files changed, 30 insertions, 0 deletions
diff --git a/users/tazjin/nixos/modules/default.nix b/users/tazjin/nixos/modules/default.nix
new file mode 100644
index 000000000000..d747e8e1319a
--- /dev/null
+++ b/users/tazjin/nixos/modules/default.nix
@@ -0,0 +1,2 @@
+# Make readTree happy at this level.
+_: { }
diff --git a/users/tazjin/nixos/modules/tgsa.nix b/users/tazjin/nixos/modules/tgsa.nix
new file mode 100644
index 000000000000..82b2bec44acd
--- /dev/null
+++ b/users/tazjin/nixos/modules/tgsa.nix
@@ -0,0 +1,24 @@
+{ config, depot, lib, pkgs, ... }:
+
+{
+  systemd.services.tgsa = {
+    description = "telegram -> SA bbcode thing";
+    wantedBy = [ "multi-user.target" ];
+
+    serviceConfig = {
+      DynamicUser = true;
+      Restart = "always";
+      ExecStart = "${depot.users.tazjin.tgsa}/bin/tgsa";
+    };
+  };
+
+  services.nginx.virtualHosts."tgsa" = {
+    serverName = "tgsa.tazj.in";
+    enableACME = true;
+    forceSSL = true;
+
+    locations."/" = {
+      proxyPass = "http://localhost:8472";
+    };
+  };
+}
diff --git a/users/tazjin/nixos/polyanka/default.nix b/users/tazjin/nixos/polyanka/default.nix
index 7d25be148700..87a36408c08f 100644
--- a/users/tazjin/nixos/polyanka/default.nix
+++ b/users/tazjin/nixos/polyanka/default.nix
@@ -7,10 +7,13 @@ _: # ignore readTree options
 
 let
   mod = name: depot.path + ("/ops/modules/" + name);
+  usermod = name: depot.path + ("/users/tazjin/nixos/modules/" + name);
 in
 {
   imports = [
     (mod "quassel.nix")
+    (mod "www/base.nix")
+    (usermod "tgsa.nix")
   ];
 
   # Use the GRUB 2 boot loader.
@@ -63,6 +66,7 @@ in
     defaultGateway6.address = "2a02:750:7:3305::1";
 
     firewall.enable = true;
+    firewall.allowedTCPPorts = [ 22 80 443 ];
 
     nameservers = [
       "79.99.4.100"