summaryrefslogtreecommitdiff
path: root/Biz/Que.nix
blob: ac89a56d314ff08e73374ca385c6a3f567820a59 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
{ nixpkgs ? import ./Bild.nix { } }:
with nixpkgs;

# The production server for que.run

bild.os {
  imports =
    [ ./OsBase.nix ./Packages.nix ./Users.nix ./Que/Host.nix ./Que/Site.nix ];
  networking.hostName = "prod-que";
  networking.domain = "que.run";
  services.que-server = {
    enable = true;
    port = 80;
    package = bild.run ./Que/Host.hs;
  };
  boot.loader.grub.device = "/dev/vda";
  fileSystems."/" = {
    device = "/dev/vda1";
    fsType = "ext4";
  };
  swapDevices = [{
    device = "/swapfile";
  } # 4GB
    ];
  networking.firewall.allowedTCPPorts = [ 22 80 443 ];
  networking = {
    nameservers = [ "67.207.67.2" "67.207.67.3" ];
    defaultGateway = "157.245.224.1";
    defaultGateway6 = "2604:a880:2:d1::1";
    dhcpcd.enable = false;
    usePredictableInterfaceNames = lib.mkForce true;
    interfaces = {
      eth0 = {
        ipv4.addresses = [
          {
            address = "157.245.236.44";
            prefixLength = 20;
          }
          {
            address = "10.46.0.5";
            prefixLength = 16;
          }
        ];
        ipv6.addresses = [
          {
            address = "2604:a880:2:d1::a2:5001";
            prefixLength = 64;
          }
          {
            address = "fe80::7892:a5ff:fec6:dbc3";
            prefixLength = 64;
          }
        ];
        ipv4.routes = [{
          address = "157.245.224.1";
          prefixLength = 32;
        }];
        ipv6.routes = [{
          address = "2604:a880:2:d1::1";
          prefixLength = 32;
        }];
      };
    };
  };
  services = {
    que-website = {
      enable = true;
      namespace = "_";
      package = bild.run ./Que/Site.hs;
    };

    udev.extraRules = ''
      ATTR{address}=="7a:92:a5:c6:db:c3", NAME="eth0"
    '';
  };
}