diff options
Diffstat (limited to 'users/tazjin/nixos')
-rw-r--r-- | users/tazjin/nixos/koptevo/default.nix | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/users/tazjin/nixos/koptevo/default.nix b/users/tazjin/nixos/koptevo/default.nix index a8c98427d16b..7c94afe9f00f 100644 --- a/users/tazjin/nixos/koptevo/default.nix +++ b/users/tazjin/nixos/koptevo/default.nix @@ -225,6 +225,47 @@ in }; }; + # TODO(tazjin): move this to a module for radicle stuff + services.radicle = { + enable = true; + publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILHs6jSvMdtu9oJCt48etEs8ExjfGY5PmWQsRzFleogS"; + privateKeyFile = "/etc/secrets/radicle"; # TODO: to manage, or not to manage ... + + settings = { + web.pinned.repositories = [ + "rad:z2mdnBK1tX6pibdBfRct3ThCgheHu" # tvix-go + ]; + + node = { + alias = "rad.tazj.in"; + seedingPolicy.default = "block"; + }; + }; + + node = { + openFirewall = true; + listenAddress = "[::]"; + }; + + httpd = { + enable = true; + listenAddress = "127.0.0.1"; + listenPort = 7235; # radl + }; + }; + + services.nginx.virtualHosts."rad.tazj.in" = { + enableACME = true; + forceSSL = true; + locations."/".proxyPass = "http://127.0.0.1:7235"; + }; + + services.nginx.virtualHosts."rad.y.tazj.in" = { + enableSSL = true; + useACMEHost = "y.tazj.in"; + locations."/".proxyPass = "http://127.0.0.1:7235"; + }; + programs.mtr.enable = true; programs.mosh.enable = true; zramSwap.enable = true; |