From e5dbfd32b52e35aecf961b8b80a5f70e76c3cb83 Mon Sep 17 00:00:00 2001
From: Ben Sima <ben@bsima.me>
Date: Sun, 5 Apr 2020 15:53:37 -0700
Subject: Deploy que.run without nginx

I still have to reimplement the SSL stuff but in the Haskell code. That
seems kinda hard or at least requires research that I don't wanna do
right now.
---
 Run/Que/Prod.nix | 39 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 39 insertions(+)
 create mode 100644 Run/Que/Prod.nix

(limited to 'Run/Que/Prod.nix')

diff --git a/Run/Que/Prod.nix b/Run/Que/Prod.nix
new file mode 100644
index 0000000..63e4be3
--- /dev/null
+++ b/Run/Que/Prod.nix
@@ -0,0 +1,39 @@
+{ config, pkgs, lib, ... }:
+{
+  imports = [ <nixpkgs/nixos/modules/profiles/qemu-guest.nix> ];
+  boot.loader.grub.device = "/dev/vda";
+  fileSystems."/" = { device = "/dev/vda1"; fsType = "ext4"; };
+  networking.firewall.allowedTCPPorts = [ 22 80 443 ];
+  services.que-server = {
+    enable = true;
+    port = 80;
+    package = pkgs.que-server;
+  };
+  networking = {
+    nameservers = [
+      "67.207.67.2"
+      "67.207.67.3"
+    ];
+    defaultGateway = "157.245.224.1";
+    defaultGateway6 = "2604:a880:2:d1::1";
+    dhcpcd.enable = false;
+    usePredictableInterfaceNames = lib.mkForce true;
+    interfaces = {
+      eth0 = {
+        ipv4.addresses = [
+          { address="157.245.236.44"; prefixLength=20; }
+          { address="10.46.0.5"; prefixLength=16; }
+        ];
+        ipv6.addresses = [
+          { address="2604:a880:2:d1::a2:5001"; prefixLength=64; }
+          { address="fe80::7892:a5ff:fec6:dbc3"; prefixLength=64; }
+        ];
+        ipv4.routes = [ { address = "157.245.224.1"; prefixLength = 32; } ];
+        ipv6.routes = [ { address = "2604:a880:2:d1::1"; prefixLength = 32; } ];
+      };
+    };
+  };
+  services.udev.extraRules = ''
+    ATTR{address}=="7a:92:a5:c6:db:c3", NAME="eth0"
+  '';
+}
-- 
cgit v1.2.3