add quotdd

newinfra/nix/hive.nix

@@ -11,10 +11,11 @@
       nixpkgs-unstable = import (fetchTarball "https://github.com/NixOS/nixpkgs/archive/d04953086551086b44b6f3c6b7eeb26294f207da.tar.gz") { }; # nixos-unstable 2024-08-05
 
       website = import (fetchTarball "https://github.com/Noratrieb/website/archive/ab44e5ef7586a220fc1d251bda333a8752bb7783.tar.gz");
-      blog = fetchTarball "https://github.com/Noratrieb/blog/archive/ed4d6674b13ef031379b5d53491a605388e47e3e.tar.gz";
+      blog = fetchTarball "https://github.com/Noratrieb/blog/archive/3d4c1e10d9d555c5358dd432e50cb6fd741dee2a.tar.gz";
       slides = fetchTarball "https://github.com/Noratrieb/slides/archive/0401f35c22b124b69447655f0c537badae9e223c.tar.gz";
 
       pretense = import (fetchTarball "https://github.com/Noratrieb/pretense/archive/270b01fc1118dfd713c1c41530d1a7d98f04527d.tar.gz");
+      quotdd = import (fetchTarball "https://github.com/Noratrieb/quotdd/archive/9c37b3e2093020771ee7c9da6200f95d4269b4e4.tar.gz");
 
       networkingConfig = {
         dns1 = {

newinfra/nix/modules/default/default.nix

@@ -1,4 +1,4 @@
-{ pkgs, lib, config, name, pretense, ... }: {
+{ pkgs, lib, config, name, pretense, quotdd, ... }: {
   deployment.targetHost = "${config.networking.hostName}.infra.noratrieb.dev";
 
   imports = [
@@ -49,7 +49,24 @@
       ];
     };
   };
-  networking.firewall.allowedTCPPorts = [ 23 3306 5432 1521 ];
+  systemd.services.quotdd = {
+    description = "quotdd Quote of The Day Daemon";
+    wantedBy = [ "multi-user.target" ];
+    after = [ "network.target" ];
+    serviceConfig = {
+      DynamicUser = true;
+      ExecStart = "${lib.getExe (quotdd {inherit pkgs;})}";
+      AmbientCapabilities = "CAP_NET_BIND_SERVICE";
+      Environment = [ ];
+    };
+  };
+  networking.firewall.allowedTCPPorts = [
+    23 # telnet, pretense
+    3306 # mysql, pretense
+    5432 # postgres, pretense
+    1521 # oracle, pretense
+    17 # quote of the day, quotdd
+  ];
 
   # monitoring