summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBen Sima <ben@bsima.me>2019-01-30 17:20:43 -0800
committerBen Sima <ben@bsima.me>2019-01-30 17:20:43 -0800
commit67ddf074edec7631067c5f634c3e56e0848cd11f (patch)
treec1d309daade3b6bbc507b845dd1c4c23b1ccdfca
parent6750622c47a90060159544c8c928ef3440a43ec9 (diff)
Build production machine locally
-rw-r--r--README.md10
-rw-r--r--configuration.nix38
-rw-r--r--deploy.nix36
-rw-r--r--hardware-configuration.nix6
-rw-r--r--ibb/LICENSE1
-rw-r--r--ibb/ibb.cabal11
-rw-r--r--networking.nix30
-rw-r--r--nixos.nix16
8 files changed, 106 insertions, 42 deletions
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..6e98291
--- /dev/null
+++ b/README.md
@@ -0,0 +1,10 @@
+# Deployment
+
+To build the production server config locally:
+
+ nix-build --attr system ./nixos.nix
+
+To deploy:
+
+ nix-deploy --to root@simatime.com \
+ --path $(nix-build --no-out-path ./nixos.nix)
diff --git a/configuration.nix b/configuration.nix
new file mode 100644
index 0000000..389f44f
--- /dev/null
+++ b/configuration.nix
@@ -0,0 +1,38 @@
+{ ... }:
+
+{
+ nixpkgs.config.packageOverrides = pkgs: {
+ ibb = import ./ibb/default.nix {};
+ };
+ services = {
+
+ ibb.enable = true;
+
+ nginx = {
+ enable = true;
+ recommendedGzipSettings = true;
+ recommendedOptimisation = true;
+ recommendedProxySettings = true;
+ recommendedTlsSettings = true;
+ virtualHosts = {
+ "ibb.simatime.com" = {
+ forceSSL = true;
+ enableACME = true;
+ locations = {
+ "/" = {
+ proxyPass = "http://localhost:3000";
+ };
+ };
+ };
+ };
+ };
+ };
+
+ boot.cleanTmpDir = true;
+ networking.hostName = "simatime";
+ networking.firewall.allowPing = true;
+ services.openssh.enable = true;
+ users.users.root.openssh.authorizedKeys.keys = [
+ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCiNB0iF9ClawNEizBtdYucqp1tAXXRbqvlPS6PFRrtiwSl+SJD29BCLgA5rLxcmFhBHZ/iId/En7GPFEzI/gMu071J7pUI4OcW0UVZju3GNc6ZEz/a6AD2u79JiXEDHfPEdmMqAe36kkaK0KJWSQP3xsFRwJ+8F8HHbSwoCLL+GJhBgAWHQLGfKesNrDacNljNDU3CgkEnDmu8QKuSzH2k1vrr69q2u2iMSAdiStDBAWEjN5nCVrm2XB2vmFLMtXpX2n8JI+znOGzRRDc8dNXejQeDMZGyV6jfVidEIX7vdgSydGjTRKcCLVAsKY3z0gYBZ8u8EUNujgcFBnnAvytj ben@neb"
+ ];
+}
diff --git a/deploy.nix b/deploy.nix
deleted file mode 100644
index d3a23d9..0000000
--- a/deploy.nix
+++ /dev/null
@@ -1,36 +0,0 @@
-# Nix config for the main biz machine.
-
-{ pkgs
-, config
-, ...,
-}:
-
-{
- imports = [ ./ibb/module.nix ];
- nixpkgs.config.packageOverrides = pkgs: {
- ibb = import ./ibb/default.nix {};
- };
- services = {
-
- ibb.enable = true;
-
- nginx = {
- enable = true;
- recommendedGzipSettings = true;
- recommendedOptimisation = true;
- recommendedProxySettings = true;
- recommendedTlsSettings = true;
- virtualHosts = {
- "ibb.buildmindful.com" = {
- forceSSL = true;
- enableACME = true;
- locations = {
- "/" = {
- proxyPass = "http://localhost:3000";
- };
- };
- };
- };
- };
- };
-}
diff --git a/hardware-configuration.nix b/hardware-configuration.nix
new file mode 100644
index 0000000..8c88cb7
--- /dev/null
+++ b/hardware-configuration.nix
@@ -0,0 +1,6 @@
+{ ... }:
+{
+ imports = [ <nixpkgs/nixos/modules/profiles/qemu-guest.nix> ];
+ boot.loader.grub.device = "/dev/vda";
+ fileSystems."/" = { device = "/dev/vda1"; fsType = "ext4"; };
+}
diff --git a/ibb/LICENSE b/ibb/LICENSE
new file mode 100644
index 0000000..1d1026a
--- /dev/null
+++ b/ibb/LICENSE
@@ -0,0 +1 @@
+All rights reserved. \ No newline at end of file
diff --git a/ibb/ibb.cabal b/ibb/ibb.cabal
index 2543ebb..a3510af 100644
--- a/ibb/ibb.cabal
+++ b/ibb/ibb.cabal
@@ -2,24 +2,23 @@ name: ibb
version: 2
category: Text
homepage: https://bsima.me
-author: Nick Sima
+author: Nick Sima
maintainer: nicksima@gmail.com
copyright: 2018 Nick Sima
-license: BSD3
+license: AllRightsReserved
license-file: LICENSE
build-type: Simple
cabal-version: >= 1.10
executable ibb
main-is: Main.hs
- other-modules:
- Paths_web
hs-source-dirs: .
default-extensions: OverloadedStrings
ghc-options: -Wall -threaded -rtsopts -with-rtsopts=-N
build-depends:
base >= 4.6 && < 5
- , scotty
+ , scotty
, shakespeare
- , blaze
+ , blaze-html
+ , blaze-markup
default-language: Haskell2010 \ No newline at end of file
diff --git a/networking.nix b/networking.nix
new file mode 100644
index 0000000..6c55005
--- /dev/null
+++ b/networking.nix
@@ -0,0 +1,30 @@
+{ lib, ... }: {
+ # This file was populated at runtime with the networking
+ # details gathered from the active system.
+ networking = {
+ nameservers = [
+ "67.207.67.2"
+ "67.207.67.3"
+ ];
+ defaultGateway = "159.89.128.1";
+ defaultGateway6 = "";
+ dhcpcd.enable = false;
+ usePredictableInterfaceNames = lib.mkForce true;
+ interfaces = {
+ eth0 = {
+ ipv4.addresses = [
+ { address="159.89.128.69"; prefixLength=20; }
+{ address="10.46.0.6"; prefixLength=16; }
+ ];
+ ipv6.addresses = [
+ { address="fe80::e899:c0ff:fe9c:e194"; prefixLength=64; }
+ ];
+ };
+
+ };
+ };
+ services.udev.extraRules = ''
+ ATTR{address}=="ea:99:c0:9c:e1:94", NAME="eth0"
+
+ '';
+}
diff --git a/nixos.nix b/nixos.nix
new file mode 100644
index 0000000..cc76470
--- /dev/null
+++ b/nixos.nix
@@ -0,0 +1,16 @@
+# Nix config for the main biz machine.
+
+let
+ nixpkgs = fetchGit (import ./pkgs.nix);
+in
+import "${nixpkgs}/nixos" {
+ system = "x86_64-linux";
+ configuration = {
+ imports = [
+ ./hardware-configuration.nix
+ ./networking.nix
+ ./configuration.nix
+ ./ibb/module.nix
+ ];
+ };
+}