-rw-r--r-- | README.md | 10 | ||||
-rw-r--r-- | configuration.nix | 38 | ||||
-rw-r--r-- | deploy.nix | 36 | ||||
-rw-r--r-- | hardware-configuration.nix | 6 | ||||
-rw-r--r-- | ibb/LICENSE | 1 | ||||
-rw-r--r-- | ibb/ibb.cabal | 11 | ||||
-rw-r--r-- | networking.nix | 30 | ||||
-rw-r--r-- | nixos.nix | 16 |
8 files changed, 106 insertions, 42 deletions
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..6e98291
--- /dev/null
+++ b/README.md
@@ -0,0 +1,10 @@
+# Deployment
+
+To build the production server config locally:
+
+ nix-build --attr system ./nixos.nix
+
+To deploy:
+
+ nix-deploy --to root@simatime.com \
+ --path $(nix-build --no-out-path ./nixos.nix)
diff --git a/configuration.nix b/configuration.nix
new file mode 100644
index 0000000..389f44f
--- /dev/null
+++ b/configuration.nix
@@ -0,0 +1,38 @@
+{ ... }:
+
+{
+ nixpkgs.config.packageOverrides = pkgs: {
+ ibb = import ./ibb/default.nix {};
+ };
+ services = {
+
+ ibb.enable = true;
+
+ nginx = {
+ enable = true;
+ recommendedGzipSettings = true;
+ recommendedOptimisation = true;
+ recommendedProxySettings = true;
+ recommendedTlsSettings = true;
+ virtualHosts = {
+ "ibb.simatime.com" = {
+ forceSSL = true;
+ enableACME = true;
+ locations = {
+ "/" = {
+ proxyPass = "http://localhost:3000";
+ };
+ };
+ };
+ };
+ };
+ };
+
+ boot.cleanTmpDir = true;
+ networking.hostName = "simatime";
+ networking.firewall.allowPing = true;
+ services.openssh.enable = true;
+ users.users.root.openssh.authorizedKeys.keys = [
+ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCiNB0iF9ClawNEizBtdYucqp1tAXXRbqvlPS6PFRrtiwSl+SJD29BCLgA5rLxcmFhBHZ/iId/En7GPFEzI/gMu071J7pUI4OcW0UVZju3GNc6ZEz/a6AD2u79JiXEDHfPEdmMqAe36kkaK0KJWSQP3xsFRwJ+8F8HHbSwoCLL+GJhBgAWHQLGfKesNrDacNljNDU3CgkEnDmu8QKuSzH2k1vrr69q2u2iMSAdiStDBAWEjN5nCVrm2XB2vmFLMtXpX2n8JI+znOGzRRDc8dNXejQeDMZGyV6jfVidEIX7vdgSydGjTRKcCLVAsKY3z0gYBZ8u8EUNujgcFBnnAvytj ben@neb"
+ ];
+}
diff --git a/deploy.nix b/deploy.nix
deleted file mode 100644
index d3a23d9..0000000
--- a/deploy.nix
+++ /dev/null
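Review bot: In configuration.nix, `services.openssh.enable = true;` sits beside a root `authorizedKeys` entry but nothing pins the authentication policy, so password logins and the root-login mode are left to whatever the openssh module defaults to on the pinned nixpkgs. Because the README deploys as root over SSH, I would state it explicitly: `services.openssh.passwordAuthentication = false;` and `services.openssh.permitRootLogin = "prohibit-password";`. Separately, the hunk opens no web ports; unless `./ibb/module.nix` (not shown) does, `networking.firewall.allowedTCPPorts = [ 80 443 ];` is probably needed for the nginx vhost and its ACME challenge to be reachable.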
@@ -1,36 +0,0 @@
-# Nix config for the main biz machine.
-
-{ pkgs
-, config
-, ...,
-}:
-
-{
- imports = [ ./ibb/module.nix ];
- nixpkgs.config.packageOverrides = pkgs: {
- ibb = import ./ibb/default.nix {};
- };
- services = {
-
- ibb.enable = true;
-
- nginx = {
- enable = true;
- recommendedGzipSettings = true;
- recommendedOptimisation = true;
- recommendedProxySettings = true;
- recommendedTlsSettings = true;
- virtualHosts = {
- "ibb.buildmindful.com" = {
- forceSSL = true;
- enableACME = true;
- locations = {
- "/" = {
- proxyPass = "http://localhost:3000";
- };
- };
- };
- };
- };
- };
-}
diff --git a/hardware-configuration.nix b/hardware-configuration.nix
new file mode 100644
index 0000000..8c88cb7
--- /dev/null
+++ b/hardware-configuration.nix
@@ -0,0 +1,6 @@
+{ ... }:
+{
+ imports = [ <nixpkgs/nixos/modules/profiles/qemu-guest.nix> ];
+ boot.loader.grub.device = "/dev/vda";
+ fileSystems."/" = { device = "/dev/vda1"; fsType = "ext4"; };
+}
diff --git a/ibb/LICENSE b/ibb/LICENSE
new file mode 100644
index 0000000..1d1026a
--- /dev/null
+++ b/ibb/LICENSE
@@ -0,0 +1 @@
+All rights reserved.
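Review bot: In hardware-configuration.nix, `<nixpkgs/nixos/modules/profiles/qemu-guest.nix>` is resolved through the evaluating machine's NIX_PATH, so this import can come from a different nixpkgs than the one nixos.nix fetches for the rest of the system. Taking the path from the module arguments keeps it tied to the nixpkgs actually being evaluated: change the header to `{ modulesPath, ... }:` and the import to `imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];`.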
\ No newline at end of file diff --git a/ibb/ibb.cabal b/ibb/ibb.cabal index 2543ebb..a3510af 100644 --- a/ibb/ibb.cabal +++ b/ibb/ibb.cabal @@ -2,24 +2,23 @@ name: ibb version: 2 category: Text homepage: https://bsima.me -author: Nick Sima +author: Nick Sima maintainer: nicksima@gmail.com copyright: 2018 Nick Sima -license: BSD3 +license: AllRightsReserved license-file: LICENSE build-type: Simple cabal-version: >= 1.10 executable ibb main-is: Main.hs - other-modules: - Paths_web hs-source-dirs: . default-extensions: OverloadedStrings ghc-options: -Wall -threaded -rtsopts -with-rtsopts=-N build-depends: base >= 4.6 && < 5 - , scotty + , scotty , shakespeare - , blaze + , blaze-html + , blaze-markup default-language: Haskell2010
\ No newline at end of file
diff --git a/networking.nix b/networking.nix
new file mode 100644
index 0000000..6c55005
--- /dev/null
+++ b/networking.nix
@@ -0,0 +1,30 @@
+{ lib, ... }: {
+ # This file was populated at runtime with the networking
+ # details gathered from the active system.
+ networking = {
+ nameservers = [
+ "67.207.67.2"
+ "67.207.67.3"
+ ];
+ defaultGateway = "159.89.128.1";
+ defaultGateway6 = "";
+ dhcpcd.enable = false;
+ usePredictableInterfaceNames = lib.mkForce true;
+ interfaces = {
+ eth0 = {
+ ipv4.addresses = [
+ { address="159.89.128.69"; prefixLength=20; }
+{ address="10.46.0.6"; prefixLength=16; }
+ ];
+ ipv6.addresses = [
+ { address="fe80::e899:c0ff:fe9c:e194"; prefixLength=64; }
+ ];
+ };
+
+ };
+ };
+ services.udev.extraRules = ''
+ ATTR{address}=="ea:99:c0:9c:e1:94", NAME="eth0"
+
+ '';
+}
diff --git a/nixos.nix b/nixos.nix
new file mode 100644
index 0000000..cc76470
--- /dev/null
+++ b/nixos.nix
@@ -0,0 +1,16 @@
+# Nix config for the main biz machine.
+
+let
+ nixpkgs = fetchGit (import ./pkgs.nix);
+in
+import "${nixpkgs}/nixos" {
+ system = "x86_64-linux";
+ configuration = {
+ imports = [
+ ./hardware-configuration.nix
+ ./networking.nix
+ ./configuration.nix
+ ./ibb/module.nix
+ ];
+ };
+} |
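Review bot: In nixos.nix, `fetchGit (import ./pkgs.nix)` makes the whole system's package set depend on a file that is not in this commit's diffstat, so the pin cannot be checked from here. If `pkgs.nix` gives only a `url` and `ref`, fetchGit follows the branch head and each deploy may build from different nixpkgs sources; it should carry a full `rev` so that what gets pushed to the server as root is reproducible and auditable. A comment above the `let`, such as `# pkgs.nix must pin nixpkgs by rev`, would make that expectation visible to the next editor.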