1 files changed, 61 insertions, 0 deletions

diff --git a/Biz/Que/Prod.nix b/Biz/Que/Prod.nix
new file mode 100644
index 0000000..12da1eb
--- /dev/null
+++ b/Biz/Que/Prod.nix
@@ -0,0 +1,61 @@
+{ bild, lib }:
+
+# The production server for que.run
+
+bild.os {
+  imports = [
+    ../OsBase.nix
+    ../Packages.nix
+    ../Users.nix
+    ./Host.nix
+    ./Site.nix
+  ];
+  networking.hostName = "prod-que";
+  networking.domain = "que.run";
+  services.que-server = {
+    enable = true;
+    port = 80;
+    package = bild.ghc ./Host.hs;
+  };
+  boot.loader.grub.device = "/dev/vda";
+  fileSystems."/" = { device = "/dev/vda1"; fsType = "ext4"; };
+  swapDevices = [
+    { device = "/swapfile"; } # 4GB
+  ];
+  networking.firewall.allowedTCPPorts = [ 22 80 443 ];
+  networking = {
+    nameservers = [
+      "67.207.67.2"
+      "67.207.67.3"
+    ];
+    defaultGateway = "157.245.224.1";
+    defaultGateway6 = "2604:a880:2:d1::1";
+    dhcpcd.enable = false;
+    usePredictableInterfaceNames = lib.mkForce true;
+    interfaces = {
+      eth0 = {
+        ipv4.addresses = [
+          { address="157.245.236.44"; prefixLength=20; }
+          { address="10.46.0.5"; prefixLength=16; }
+        ];
+        ipv6.addresses = [
+          { address="2604:a880:2:d1::a2:5001"; prefixLength=64; }
+          { address="fe80::7892:a5ff:fec6:dbc3"; prefixLength=64; }
+        ];
+        ipv4.routes = [ { address = "157.245.224.1"; prefixLength = 32; } ];
+        ipv6.routes = [ { address = "2604:a880:2:d1::1"; prefixLength = 32; } ];
+      };
+    };
+  };
+  services = {
+    que-website = {
+      enable = true;
+      namespace = "_";
+      package = bild.ghc ./Site.hs;
+    };
+
+    udev.extraRules = ''
+      ATTR{address}=="7a:92:a5:c6:db:c3", NAME="eth0"
+    '';
+  };
+}