blob: 70272ae6770ef36f7ca3e561ccbfdb17b93b00b3 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
|
{ bild ? import ../Bild/Rules.nix {}
, nixpkgs ? import ../Bild/Nixpkgs.nix
}:
# The production server for que.run
bild.os {
imports = [
../OsBase.nix
../Packages.nix
../Users.nix
./Host.nix
./Site.nix
];
networking.hostName = "prod-que";
networking.domain = "que.run";
services.que-server = {
enable = true;
port = 80;
package = bild.ghc ./Host.hs;
};
boot.loader.grub.device = "/dev/vda";
fileSystems."/" = { device = "/dev/vda1"; fsType = "ext4"; };
swapDevices = [
{ device = "/swapfile"; } # 4GB
];
networking.firewall.allowedTCPPorts = [ 22 80 443 ];
networking = {
nameservers = [
"67.207.67.2"
"67.207.67.3"
];
defaultGateway = "157.245.224.1";
defaultGateway6 = "2604:a880:2:d1::1";
dhcpcd.enable = false;
usePredictableInterfaceNames = nixpkgs.lib.mkForce true;
interfaces = {
eth0 = {
ipv4.addresses = [
{ address="157.245.236.44"; prefixLength=20; }
{ address="10.46.0.5"; prefixLength=16; }
];
ipv6.addresses = [
{ address="2604:a880:2:d1::a2:5001"; prefixLength=64; }
{ address="fe80::7892:a5ff:fec6:dbc3"; prefixLength=64; }
];
ipv4.routes = [ { address = "157.245.224.1"; prefixLength = 32; } ];
ipv6.routes = [ { address = "2604:a880:2:d1::1"; prefixLength = 32; } ];
};
};
};
services = {
que-website = {
enable = true;
namespace = "_";
package = bild.ghc ./Site.hs;
};
udev.extraRules = ''
ATTR{address}=="7a:92:a5:c6:db:c3", NAME="eth0"
'';
};
}
|