Add host surgat and move weechat to it.

2020-12-30 15:11:19 +01:00 · 2020-12-30 15:11:19 +01:00 · cbfe1f0d11
commit cbfe1f0d11
parent 186fb9d017
6 changed files with 68 additions and 16 deletions
--- a/default.nix
+++ b/default.nix
@ -7,6 +7,9 @@ with pkgs;
  hmModules = import ./modules/home;
  overlays = import ./overlays;
  profiles = import ./modules/profiles;
  hmProfiles = import ./modules/home/profiles;
  tubslatex = callPackage ./pkgs/tubslatex {};
  keys = callPackage ./pkgs/keys {};
 }
--- a/hosts/gorgon/home/default.nix
+++ b/hosts/gorgon/home/default.nix
@ -19,6 +19,7 @@ in
    kitty.enable = true;
    ssh.enable = true;
    syncthing.enable = true;
    tmux.enable = true;
    xdg.enable = true;
    zsh.enable = true;
--- a/hosts/ifrit/default.nix
+++ b/hosts/ifrit/default.nix
@ -2,7 +2,7 @@
 let
  hostAliases = [
    "ifrit.dadada.li"
-    "vpn.dadada.li"
+    "bs.vpn.dadada.li"
    "media.dadada.li"
    "media.local"
  ];
@ -36,8 +36,6 @@ in {
        key = "0eWP1hzkyoXlrjPSOq+6Y1u8tnFH+SejBJs8f8lf+iU=";
      };
    };
    weechat.enable = true;
  };
  services.borgbackup.repos = {
@ -117,16 +115,16 @@ in {
  security.acme = {
    email = "d553a78d-0349-48db-9c20-5b27af3a1dfc@dadada.li";
    acceptTerms = true;
-    certs."webchat.dadada.li" = {
+  #  certs."webchat.dadada.li" = {
-      credentialsFile = "/var/lib/lego/acme-joker.env";
+  #    credentialsFile = "/var/lib/lego/acme-joker.env";
-      dnsProvider = "joker";
+  #    dnsProvider = "joker";
-      postRun = "systemctl reload nginx.service";
+  #    postRun = "systemctl reload nginx.service";
-    };
+  #  };
-    certs."weechat.dadada.li" = {
+  #  certs."weechat.dadada.li" = {
-      credentialsFile = "/var/lib/lego/acme-joker.env";
+  #    credentialsFile = "/var/lib/lego/acme-joker.env";
-      dnsProvider = "joker";
+  #    dnsProvider = "joker";
-      postRun = "systemctl reload nginx.service";
+  #    postRun = "systemctl reload nginx.service";
-    };
+  #  };
  };
  users.users."mist" = {
--- a/hosts/surgat/default.nix
+++ b/hosts/surgat/default.nix
@ -0,0 +1,43 @@
 { config, pkgs, lib, ... }:
 let
  hostName = "surgat";
  this = import ../.. {};
  keys = ../../pkgs/keys/keys;
 in {
  imports = [ this.profiles.base ];
  networking.hostName = hostName;
  dadada.admin = {
    enable = true;
    users = [ "dadada" ];
  };
  dadada.networking.vpnExtension = "4";
  dadada.weechat.enable = true;
  networking.useDHCP = false;
  networking.interfaces.ens3.useDHCP = true;
  networking.firewall = {
    enable = true;
    allowPing = true;
    allowedTCPPorts = [
      22 # SSH
      80 443 # HTTPS
    ];
    allowedUDPPorts = [
      51234 # Wireguard
    ];
  };
  security.acme = {
    email = "d553a78d-0349-48db-9c20-5b27af3a1dfc@dadada.li";
    acceptTerms = true;
  };
  # Use the GRUB 2 boot loader.
  boot.loader.grub.enable = true;
  boot.loader.grub.version = 2;
  boot.loader.grub.device = "/dev/sda";
 }
--- a/modules/profiles/default.nix
+++ b/modules/profiles/default.nix
@ -0,0 +1,4 @@
 {
  base = ./base;
  laptop = ./laptop;
 }
--- a/modules/weechat.nix
+++ b/modules/weechat.nix
@ -14,9 +14,12 @@ in {
    };
    services.nginx.virtualHosts."webchat.dadada.li" = {
-      useACMEHost = "webchat.dadada.li";
+      enableACME = true;
      forceSSL = true;
-      serverAliases = [ "webchat.${config.networking.domain}" ];
+      serverAliases = [
        "webchat.${config.networking.domain}"
        "weechat.${config.networking.domain}"
      ];
      root = pkgs.glowing-bear;
@ -30,7 +33,7 @@ in {
      };
    };
    services.nginx.virtualHosts."weechat.dadada.li" = {
-      useACMEHost = "weechat.dadada.li";
+      useACMEHost = "webchat.dadada.li";
      forceSSL = true;
      serverAliases = [ "weechat.${config.networking.domain}" ];