{ bild ? import ../Biz/Bild.nix {} , nixpkgs ? import ../Biz/Bild/Nixpkgs.nix }: # Production server for herocomics.app bild.os { imports = [ ../Biz/OsBase.nix ../Biz/Packages.nix ../Biz/Users.nix ./Service.nix ]; networking.hostName = "prod-herocomics"; networking.domain = "herocomics.app"; boot.loader.grub.device = "/dev/vda"; fileSystems."/" = { device = "/dev/vda1"; fsType = "ext4"; }; networking = { firewall.allowedTCPPorts = [ 22 80 443 ]; nameservers = [ "67.207.67.2" "67.207.67.3" ]; defaultGateway = "138.68.40.1"; defaultGateway6 = ""; dhcpcd.enable = false; usePredictableInterfaceNames = nixpkgs.lib.mkForce true; interfaces = { eth0 = { ipv4.addresses = [ { address="138.68.40.97"; prefixLength=21; } { address="10.46.0.5"; prefixLength=16; } ]; ipv6.addresses = [ { address="fe80::b063:c4ff:fee5:d636"; prefixLength=64; } ]; ipv4.routes = [ { address = "138.68.40.1"; prefixLength = 32; } ]; ipv6.routes = [ { address = ""; prefixLength = 32; } ]; }; }; }; services = { herocomics = { enable = true; port = 3000; host = bild.ghc ./Host.hs; node = bild.ghcjs ./Node.hs; keep = "/var/lib/hero"; }; udev.extraRules = '' ATTR{address}=="b2:63:c4:e5:d6:36", NAME="eth0" ''; }; }