hugo

2026-01-14 16:55:00 +01:00 · 2024-07-28 15:48:19 +02:00 · 2024-07-28 15:48:19 +02:00 · eb951eeaa9
commit eb951eeaa9
parent 8e37024787
14 changed files with 77 additions and 21 deletions
--- a/newinfra/nix/hive.nix
+++ b/newinfra/nix/hive.nix
@ -118,7 +118,6 @@
      ./modules/contabo
      ./modules/wg-mesh
      ./modules/ingress
      ./modules/minio
      ./modules/widetom
    ];
@ -153,12 +152,10 @@
      (modulesPath + "/profiles/qemu-guest.nix")
      ./modules/contabo
      ./modules/wg-mesh
      ./modules/ingress
      ./modules/minio
    ];
    networking.hostName = name;
-    deployment.tags = [ "ingress" "eu" "apps" "wg" ];
+    deployment.tags = [ "eu" "apps" "wg" ];
    system.stateVersion = "23.11";
    # TODO: move
--- a/newinfra/nix/modules/dns/noratrieb.dev.nix
+++ b/newinfra/nix/modules/dns/noratrieb.dev.nix
@ -32,6 +32,8 @@ let
          "she/her"
        ];
        test1.A = vps1.A ++ vps3.A;
        localhost.A = [ (a "127.0.0.1") ];
        newtest.TXT = [ "uwu it works" ];
--- a/newinfra/nix/modules/hugo-chat/default.nix
+++ b/newinfra/nix/modules/hugo-chat/default.nix
@ -0,0 +1,54 @@
 { config, ... }:
 let
  dockerLogin = {
    registry = "docker.nilstrieb.dev";
    username = "nils";
    passwordFile = config.age.secrets.docker_registry_password.path;
  };
 in
 {
  age.secrets.hugochat_db_password.file = ../../secrets/hugochat_db_password.age;
  virtualisation.oci-containers.containers = {
    /*
      hugo_chat_client:
        container_name: hugo-chat-client
        image: "docker.nilstrieb.dev/hugo-chat-client:63bd1922"
        restart: always
        ports:
          - "5002:80"
    */
    hugo-chat-client = {
      image = "docker.nilstrieb.dev/hugo-chat-client:63bd1922";
      login = dockerLogin;
      ports = [ "5002:80" ];
    };
    /*
      hugo_chat_server:
        container_name: hugo-chat-server
        image: "docker.nilstrieb.dev/hugo-chat-server:63bd1922"
        ports:
          - "5001:8080"
        environment:
          SPRING_DATASOURCE_URL: "jdbc:postgresql://hugo-chat-db:5432/hugochat"
          SPRING_DATASOURCE_PASSWORD: "${HUGO_CHAT_DB_PASSWORD}"
        networks:
          - hugo-chat
    */
    hugo-chat-server = {
      image = "docker.nilstrieb.dev/hugo-chat-server:63bd1922";
      ports = [ "5001:80" ];
      environment = {
        SPRING_DATASOURCE_URL = "jdbc:postgresql://vps1.local:5432/hugochat";
      };
      environmentFiles = [ config.age.secrets.hugochat_db_password.path ];
      login = dockerLogin;
    };
    /*
      POSTGRES_PASSWORD: "${HUGO_CHAT_DB_PASSWORD}"
      PGDATA: "/var/lib/postgresql/data/pgdata"
    */
    services.postgresql.ensureDatabases = [ "hugochat" ];
  };
 }
--- a/newinfra/nix/modules/minio/default.nix
+++ b/newinfra/nix/modules/minio/default.nix
@ -1,9 +0,0 @@
 { config, ... }: {
  age.secrets.minio_env_file.file = ../../secrets/minio_env_file.age;
  services.minio = {
    enable = true;
    region = "eu";
    rootCredentialsFile = config.age.secrets.minio_env_file.path;
  };
 }
--- a/newinfra/nix/modules/postgres/default.nix
+++ b/newinfra/nix/modules/postgres/default.nix
@ -0,0 +1,6 @@
 { pkgs, ... }: {
  services.postgresql = {
    enable = true;
    package = pkgs.postgresql_16;
  };
 }
--- a/newinfra/nix/secrets/docker_registry_password.age
+++ b/newinfra/nix/secrets/docker_registry_password.age
@ -1,5 +1,5 @@
 age-encryption.org/v1
-> ssh-ed25519 qM6TYg h7thhES4AbX7wd5Q0GC+VOIPU+yRezLL/yGlP1oNRT8
+-> ssh-ed25519 qM6TYg Mi5DHbfLOMSQaKaB78XZbA273KGvj/HHF4vOiMRsMjA
-owpgDNXP3xaM8vLv2UoU3ZanvATRneY01wnSEwJ62RQ
+Zf7+IY93cTywmg7qjGyQ00YLJTc3MstQKyfFfpDqWic
--- 77pBCJdp1bAPFZqAJHCE8f0baRQf1pYupF9rN6XN+IQ
+--- KCKAhA7w141LPjEGSUI/azd8YFPn2EJWPGTyYXlnX+4
-G’å¬+·îk$<11>LœH¬¡ÁH’_§pPq8
úª–‡ûkî½qÞ‡a+ÆºæÛØUZ:GAØq
+ś ćŘPÉ_íg$vCý˘ĂÜh/…Ęjz:chđíd#W¤ci ăjE3…ëkó>tű`đ
--- a/newinfra/nix/secrets/hugochat_db_password.age
+++ b/newinfra/nix/secrets/hugochat_db_password.age
@ -0,0 +1,5 @@
 age-encryption.org/v1
 -> ssh-ed25519 qM6TYg f2NnXHIO+lzuRNlvp70HCjFET8cqwLrQjEdXkK4wVgg
 HAUu/GGX/UHewWbCXfaiYx5h8xyLXN/Y3kTYHn+GT5M
 --- tx0L90qNb6i1Bv1P5QsZUNu7FKQT3j09h/T1QDdwRZ8
 ž¯c³”ÖÜÿö¨aÿUòqb!ÊfFÇ”	UAiÁ{Ï”„²<E2809E>³|9Ã?Ð[bH<14>p›ÅA©ÓnÃê§^g	0œµÓ“;þÆœ¤:ûyu»‘ŸÞmúïó–îæ<>¸±ÒÒò
--- a/newinfra/nix/secrets/minio_env_file.age
+++ b/newinfra/nix/secrets/minio_env_file.age
--- a/newinfra/nix/secrets/secrets.nix
+++ b/newinfra/nix/secrets/secrets.nix
@ -6,6 +6,7 @@ in
  "widetom_bot_token.age".publicKeys = [ vps1 ];
  "widetom_config_toml.age".publicKeys = [ vps1 ];
  "docker_registry_password.age".publicKeys = [ vps1 ];
  "hugochat_db_password.age".publicKeys = [ vps1 ];
  "minio_env_file.age".publicKeys = [ vps1 vps3 ];
  "wg_private_vps1.age".publicKeys = [ vps1 ];
  "wg_private_vps3.age".publicKeys = [ vps3 ];
--- a/newinfra/nix/secrets/wg_private_vps1.age
+++ b/newinfra/nix/secrets/wg_private_vps1.age
--- a/newinfra/nix/secrets/wg_private_vps3.age
+++ b/newinfra/nix/secrets/wg_private_vps3.age
--- a/newinfra/nix/secrets/widetom_bot_token.age
+++ b/newinfra/nix/secrets/widetom_bot_token.age
@ -1,5 +1,5 @@
 age-encryption.org/v1
-> ssh-ed25519 qM6TYg QH/EVwQfdmMHu8vIo9syo0bTUyNBKoe3A07SjurCc1E
+-> ssh-ed25519 qM6TYg ftpW/zGgZcGI6jnmrkYlOO9bjMNHO7vk/WJIlCQzYTE
-i/yDjhUQ19xSRvVrVM6AYDdKiVZl9De0x2nYe6oTOTQ
+LXRiwiUinl5HTt9ZfA+HQlSIL5K1TXFzLQXigEajU38
--- FYddl3UOUij5+7pHERg9HXlXejFIJCRXOmD3HbyolDg
+--- pE7CTJBICuROEQUVmK3hDad8yoiurMXvkizsAuZn6HA
-°ñq-s¾Ù¹\ìøN6ò¨î£Ç<C2A3>‘K.ÞÁ‹xÐ–ˆ¶**A¹€WÂßVYŠŸÎÞê»Õ~Ù	u©Ác«}›d„<Wòz8æ—&ÛpGXÞèã…õMë_<16>knW9ä
+†ÐœŒ Nø&Ê‘ûã<04>‡Ò™iD4óéQ<C3A9>›ËSdZÚmSI	DÎÂ$ŽIÜßîýd<>C’Œ¿}¦Y À¥ŽjÌ.Í-¶»<C2B6>HüN€Ô;[Ûñ}†¥ŸÄd»|
--- a/newinfra/nix/secrets/widetom_config_toml.age
+++ b/newinfra/nix/secrets/widetom_config_toml.age
--- a/newinfra/secrets-git-crypt/hugochat_db_password
+++ b/newinfra/secrets-git-crypt/hugochat_db_password